Lucene search
AttackerKBAKB:FDF5A3A7-D224-432D-A61A-88CFCB4B9799HistoryMay 19, 2018 - 12:00 a.m.
CVE-2018-4939
2018-05-1900:00:00
attackerkb.com
30
0.969 High
EPSS
Percentile
99.7%
Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have an exploitable Deserialization of Untrusted Data vulnerability. Successful exploitation could lead to arbitrary code execution.
Recent assessments:
gwillcox-r7 at October 20, 2020 6:50pm UTC reported:
This is now supposedly being exploited in the wild by Chinese state actors according to this NSA announcement: <https://media.defense.gov/2020/Oct/20/2002519884/-1/-1/0/CSA_CHINESE_EXPLOIT_VULNERABILITIES_UOO179811.PDF>
Assessed Attacker Value: 0
Assessed Attacker Value: 0Assessed Attacker Value: 0
Related
checkpoint_advisories
checkpoint_advisories
cve
cve
CVE-2018-4939
2018-05-19 17:29:01
nvd
nvd
CVE-2018-4939
2018-05-19 17:29:01
cisa_kev
cisa_kev
Adobe ColdFusion Deserialization of Untrusted Data Vulnerability
2021-11-03 00:00:00
prion
prion
Deserialization of untrusted data
2018-05-19 17:29:00
cvelist
cvelist
CVE-2018-4939
2018-05-19 17:00:00
seebug
seebug
ColdFusion RCE(CVE-2018-4939)
2018-06-19 00:00:00
nessus
nessus
openvas
openvas
Adobe ColdFusion Multiple Vulnerabilities (APSB18-14)
2018-04-12 00:00:00
adobe
adobe
APSB18-14 Security updates available for ColdFusion
2018-04-10 00:00:00
threatpost
threatpost
Bug Parade: NSA Warns on Cresting China-Backed Cyberattacks
2020-10-21 20:31:17
qualysblog
qualysblog
NSA Alert: Chinese State-Sponsored Actors Exploit Known Vulnerabilities
2020-10-22 23:10:29
Managing CISA Known Exploited Vulnerabilities with Qualys VMDR
2022-02-23 05:39:00
ics
ics
Potential for China Cyber Response to Heightened U.S.βChina Tensions
2020-10-20 12:00:00