Unrated severityNVD Advisory· Published Jun 12, 2019· Updated Aug 4, 2024
CVE-2019-7839
CVE-2019-7839
Description
ColdFusion versions Update 3 and earlier, Update 10 and earlier, and Update 18 and earlier have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution.
Affected products
2<= Update 3 (2016), <= Update 10 (11), <= Update 18 (10)+ 1 more
- (no CPE)range: <= Update 3 (2016), <= Update 10 (11), <= Update 18 (10)
- (no CPE)range: Update 3 and earlier, Update 10 and earlier, and Update 18 and earlier versions
Patches
Vulnerability mechanics
References
3- packetstormsecurity.com/files/153439/Coldfusion-JNBridge-Remote-Code-Execution.htmlmitrex_refsource_MISC
- helpx.adobe.com/security/products/coldfusion/apsb19-27.htmlmitrex_refsource_CONFIRM
- seclists.org/bugtraq/2019/Jun/38mitremailing-listx_refsource_BUGTRAQ
News mentions
0No linked articles in our index yet.