Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2017-3066
HistoryApr 27, 2017 - 2:59 p.m.

Deserialization of untrusted data

2017-04-2714:59:00
PRIOn knowledge base
www.prio-n.com
10

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.5 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.91 High

EPSS

Percentile

98.8%

JSON

Adobe ColdFusion 2016 Update 3 and earlier, ColdFusion 11 update 11 and earlier, ColdFusion 10 Update 22 and earlier have a Java deserialization vulnerability in the Apache BlazeDS library. Successful exploitation could lead to arbitrary code execution.

Related

zdt 1
exploitpack 1
cvelist 1
cve 1
attackerkb 1
ics 1
nessus 2
packetstorm 1
exploitdb 1
talosblog 1
adobe 1
openvas 1
threatpost 1
seebug 1
impervablog 1
zdt
zdt
Adobe Coldfusion 11.0.03.292866 - BlazeDS Java Object Deserialization Remote Code Execution Exploit
2018-02-07 00:00:00
exploitpack
exploitpack
Adobe Coldfusion 11.0.03.292866 - BlazeDS Java Object Deserialization Remote Code Execution
2018-02-07 00:00:00
cvelist
cvelist
CVE-2017-3066
2017-04-27 14:00:00
cve
cve
CVE-2017-3066
2017-04-27 14:59:00
attackerkb
attackerkb
CVE-2017-3066
2017-04-27 00:00:00
ics
ics
Publicly Available Tools Seen in Cyber Incidents Worldwide
2020-06-30 12:00:00
nessus
nessus
Adobe ColdFusion BlazeDS Java Object Deserialization RCE
2017-04-28 00:00:00
Adobe ColdFusion 10.x < 10u23 / 11.x < 11u12 / 2016.x < 2016u4 Multiple Vulnerabilities (APSB17-14)
2017-04-25 00:00:00
packetstorm
packetstorm
Adobe Coldfusion 11.0.03.292866 Remote Code Execution
2018-02-07 00:00:00
exploitdb
exploitdb
Adobe Coldfusion 11.0.03.292866 - BlazeDS Java Object Deserialization Remote Code Execution
2018-02-07 00:00:00
talosblog
talosblog
Rocke: The Champion of Monero Miners
2018-08-30 08:26:00
adobe
adobe
APSB17-14 Security update available for ColdFusion
2017-04-25 00:00:00
openvas
openvas
Adobe ColdFusion Multiple Vulnerabilities (APSB17-14)
2017-04-26 00:00:00
threatpost
threatpost
New Threat Actor β€˜Rocke’: A Rising Monero Cryptomining Menace
2018-08-30 20:35:39
seebug
seebug
Adobe ColdFusion εεΊεˆ—εŒ–ζΌζ΄žοΌˆCVE-2017-3066οΌ‰
2018-03-30 00:00:00
impervablog
impervablog
Deserialization Attacks Surge Motivated by Illegal Crypto-mining
2018-01-24 17:45:08

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.5 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.91 High

EPSS

Percentile

98.8%

JSON
Related for PRION:CVE-2017-3066
zdt1exploitpack1cvelist1cve1attackerkb1ics1nessus2packetstorm1exploitdb1talosblog1adobe1openvas1threatpost1seebug1impervablog1