Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2017-3066

Adobe ColdFusion 2016 Update 3 and earlier, ColdFusion 11 update 11 and earlier, ColdFusion 10 Update 22 and earlier have a Java deserialization vulnerability in the Apache BlazeDS library. Successful exploitation could lead to arbitrary code execution.

  • Published: Apr 27, 2017
  • Updated: Apr 13, 2023
  • CVE: CVE-2017-3066
  • Severity: Critical
  • Exploit:

CVSS v3:

  • Severity: Critical
  • Score: 9.8
  • AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

  • Severity: High
  • Score: 10
  • AV:N/AC:L/Au:N/C:C/I:C/A:C

CWEs:

OWASP TOP 10:

Software From Fixed in
adobe / coldfusion 2016 2016.x
adobe / coldfusion 11.0 11.0.x
adobe / coldfusion 10.0 10.0.x
adobe / coldfusion 10.0-update1 10.0-update1.x
adobe / coldfusion 10.0-update10 10.0-update10.x
adobe / coldfusion 10.0-update11 10.0-update11.x
adobe / coldfusion 10.0-update12 10.0-update12.x
adobe / coldfusion 10.0-update13 10.0-update13.x
adobe / coldfusion 10.0-update14 10.0-update14.x
adobe / coldfusion 10.0-update15 10.0-update15.x
adobe / coldfusion 10.0-update16 10.0-update16.x
adobe / coldfusion 10.0-update17 10.0-update17.x
adobe / coldfusion 10.0-update18 10.0-update18.x
adobe / coldfusion 10.0-update19 10.0-update19.x
adobe / coldfusion 10.0-update2 10.0-update2.x
adobe / coldfusion 10.0-update20 10.0-update20.x
adobe / coldfusion 10.0-update21 10.0-update21.x
adobe / coldfusion 10.0-update22 10.0-update22.x
adobe / coldfusion 10.0-update3 10.0-update3.x
adobe / coldfusion 10.0-update4 10.0-update4.x
adobe / coldfusion 10.0-update5 10.0-update5.x
adobe / coldfusion 10.0-update6 10.0-update6.x
adobe / coldfusion 10.0-update7 10.0-update7.x
adobe / coldfusion 10.0-update8 10.0-update8.x
adobe / coldfusion 10.0-update9 10.0-update9.x
adobe / coldfusion 11.0-update1 11.0-update1.x
adobe / coldfusion 11.0-update10 11.0-update10.x
adobe / coldfusion 11.0-update11 11.0-update11.x
adobe / coldfusion 11.0-update2 11.0-update2.x
adobe / coldfusion 11.0-update3 11.0-update3.x
adobe / coldfusion 11.0-update4 11.0-update4.x
adobe / coldfusion 11.0-update5 11.0-update5.x
adobe / coldfusion 11.0-update6 11.0-update6.x
adobe / coldfusion 11.0-update7 11.0-update7.x
adobe / coldfusion 11.0-update8 11.0-update8.x
adobe / coldfusion 11.0-update9 11.0-update9.x
adobe / coldfusion 2016-update1 2016-update1.x
adobe / coldfusion 2016-update2 2016-update2.x
adobe / coldfusion 2016-update3 2016-update3.x