Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
attackerkbAttackerKBAKB:35827632-EC31-4E5E-9B47-E5634C603428
HistoryApr 27, 2017 - 12:00 a.m.

CVE-2017-3066

2017-04-2700:00:00
attackerkb.com
24

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.91 High

EPSS

Percentile

98.5%

JSON

Adobe ColdFusion 2016 Update 3 and earlier, ColdFusion 11 update 11 and earlier, ColdFusion 10 Update 22 and earlier have a Java deserialization vulnerability in the Apache BlazeDS library. Successful exploitation could lead to arbitrary code execution.

Recent assessments:

Assessed Attacker Value: 0
Assessed Attacker Value: 0Assessed Attacker Value: 0

Related

exploitpack 1
cve 1
zdt 1
ics 1
prion 1
nessus 2
packetstorm 1
exploitdb 1
talosblog 1
openvas 1
adobe 1
threatpost 1
seebug 1
impervablog 1
exploitpack
exploitpack
Adobe Coldfusion 11.0.03.292866 - BlazeDS Java Object Deserialization Remote Code Execution
2018-02-07 00:00:00
cve
cve
CVE-2017-3066
2017-04-27 14:59:00
zdt
zdt
Adobe Coldfusion 11.0.03.292866 - BlazeDS Java Object Deserialization Remote Code Execution Exploit
2018-02-07 00:00:00
ics
ics
Publicly Available Tools Seen in Cyber Incidents Worldwide
2020-06-30 12:00:00
prion
prion
Deserialization of untrusted data
2017-04-27 14:59:00
nessus
nessus
Adobe ColdFusion BlazeDS Java Object Deserialization RCE
2017-04-28 00:00:00
Adobe ColdFusion 10.x < 10u23 / 11.x < 11u12 / 2016.x < 2016u4 Multiple Vulnerabilities (APSB17-14)
2017-04-25 00:00:00
packetstorm
packetstorm
Adobe Coldfusion 11.0.03.292866 Remote Code Execution
2018-02-07 00:00:00
exploitdb
exploitdb
Adobe Coldfusion 11.0.03.292866 - BlazeDS Java Object Deserialization Remote Code Execution
2018-02-07 00:00:00
talosblog
talosblog
Rocke: The Champion of Monero Miners
2018-08-30 08:26:00
openvas
openvas
Adobe ColdFusion Multiple Vulnerabilities (APSB17-14)
2017-04-26 00:00:00
adobe
adobe
APSB17-14 Security update available for ColdFusion
2017-04-25 00:00:00
threatpost
threatpost
New Threat Actor β€˜Rocke’: A Rising Monero Cryptomining Menace
2018-08-30 20:35:39
seebug
seebug
Adobe ColdFusion εεΊεˆ—εŒ–ζΌζ΄žοΌˆCVE-2017-3066οΌ‰
2018-03-30 00:00:00
impervablog
impervablog
Deserialization Attacks Surge Motivated by Illegal Crypto-mining
2018-01-24 17:45:08

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.91 High

EPSS

Percentile

98.5%

JSON
Related for AKB:35827632-EC31-4E5E-9B47-E5634C603428
exploitpack1cve1zdt1ics1prion1nessus2packetstorm1exploitdb1talosblog1openvas1adobe1threatpost1seebug1impervablog1