CVE-2019-8073
ColdFusion 2018- update 4 and earlier and ColdFusion 2016- update 11 and earlier have a Command Injection via Vulnerable
ColdFusion 2018- update 4 and earlier and ColdFusion 2016- update 11 and earlier have a Command Injection via Vulnerable component vulnerability. Successful exploitation could lead to Arbitrary code execution in the context of the current user.
CRITICAL · CVSS 9.8
EPSS 0.12777
Schedule remediation
- EPSS ≥ 0.10 - elevated exploitation probability
- EPSS percentile: top 6% of all CVEs by exploitation likelihood
- CVSS base score ≥ 7.0
Sigma rules0
YARA rules0