Deserialization of Untrusted Data Vulnerability in ColdFusion Versions

Deserialization of Untrusted Data Vulnerability in ColdFusion Versions

CVE-2019-7091 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

ColdFusion versions Update 1 and earlier, Update 7 and earlier, and Update 15 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.

Learn more about our Web Application Penetration Testing UK.