E19-0wr31
CVSS:
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
False Positive:
f
Variants:
2
Year:
2019
Description
This strike exploits a remote code execution vulnerability present in Adobe ColdFusion platform.
This vulnerability is due to the JNBridge binary protocol port being exposed without any authentication.
By exploiting an unpatched version of the application, an attacker is thus able to remotely execute arbitrary code as the root or SYSTEM privileges.