Strike ID:
E19-0wr31
CVSS:
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
False Positive:
t
Variants:
2
Year:
2019

Description

This strike exploits a remote code execution vulnerability present in Adobe ColdFusion platform. This vulnerability is due to the JNBridge binary protocol port being exposed without any authentication. By exploiting an unpatched version of the application, an attacker is thus able to remotely execute arbitrary code as the root or SYSTEM privileges.

CVE

References

MSB

BID

ExploitDB

Secunia

Security Tracker

Metasploit

ZDI

Google

OSVDB

{}