CVE-2018-4939

Known Exploited (CISA KEV)CRITICAL

9.8

CVSS Severity Score

EPSS Score61.0170%

EPSS Percentile87.58th

Published2018年5月19日

Last Modified2025年10月23日

Vulnerability Description

Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have an exploitable Deserialization of Untrusted Data vulnerability. Successful exploitation could lead to arbitrary code execution.

Affected Platforms (CPE)

📦

Adobe

Coldfusion

= 11.0

📦

Adobe

Coldfusion

= 11.0

📦

Adobe

Coldfusion

= 11.0

📦

Adobe

Coldfusion

= 11.0

📦

Adobe

Coldfusion

= 11.0

📦

Adobe

Coldfusion

= 11.0

📦

Adobe

Coldfusion

= 11.0

📦

Adobe

Coldfusion

= 11.0

📦

Adobe

Coldfusion

= 11.0

📦

Adobe

Coldfusion

= 11.0

📦

Adobe

Coldfusion

= 11.0

📦

Adobe

Coldfusion

= 11.0

📦

Adobe

Coldfusion

= 11.0

📦

Adobe

Coldfusion

= 11.0

📦

Adobe

Coldfusion

= 2016

📦

Adobe

Coldfusion

= 2016

📦

Adobe

Coldfusion

= 2016

📦

Adobe

Coldfusion

= 2016

📦

Adobe

Coldfusion

= 2016

📦

Adobe

Coldfusion

= 2016

References & Advisories

🔗 http://www.securityfocus.com/bid/103718

🔗 https://helpx.adobe.com/security/products/coldfusion/apsb18-14.html

🔗 http://www.securityfocus.com/bid/103718

🔗 https://helpx.adobe.com/security/products/coldfusion/apsb18-14.html

🔗 https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-4939

Vulnerability Description

Affected Platforms (CPE)

Coldfusion

Coldfusion

Coldfusion

Coldfusion

Coldfusion

Coldfusion

Coldfusion

Coldfusion

Coldfusion

Coldfusion

Coldfusion

Coldfusion

Coldfusion

Coldfusion

Coldfusion

Coldfusion

Coldfusion

Coldfusion

Coldfusion

Coldfusion

References & Advisories

関連する脆弱性情報