forked from D-Haiming/gobypoc
-
Notifications
You must be signed in to change notification settings - Fork 2
/
Adobe-ColdFusion-Java-Deserialization-RCE-(CVE-2017-3066).json
69 lines (69 loc) · 4.06 KB
/
Adobe-ColdFusion-Java-Deserialization-RCE-(CVE-2017-3066).json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
{
"Name": "Adobe ColdFusion Java Deserialization RCE (CVE-2017-3066)",
"Description": "<p>Adobe ColdFusion is a dynamic web server product of Adobe.</p><p>There is a java deserialization vulnerability in Adobe ColdFusion. An attacker can use this vulnerability to execute arbitrary code in the context of the affected application, resulting in the takeover of server permissions.</p>",
"Product": "Adobe-ColdFusion",
"Homepage": "https://www.adobe.com/",
"DisclosureDate": "2017-11-01",
"Author": "[email protected]",
"FofaQuery": "app=\"Adobe-ColdFusion\"",
"GobyQuery": "app=\"Adobe-ColdFusion\"",
"Level": "3",
"Impact": "<p>There is a java deserialization vulnerability in Adobe ColdFusion. An attacker can use this vulnerability to execute arbitrary code in the context of the affected application, resulting in the takeover of server permissions.</p>",
"Recommendation": "<p>The vendor has released a bug fix, please pay attention to the update in time: <a href=\"https://helpx.adobe.com/security/products/coldfusion/apsb17-14.html\">https://helpx.adobe.com/security/products/coldfusion/apsb17-14.html</a></p><p>1. Set access policies and whitelist access through security devices such as firewalls.</p><p>2.If not necessary, prohibit public network access to the system.</p>",
"Translation": {
"CN": {
"Name": "Adobe ColdFusion 服务器产品存在 JAVA 反序列化漏洞(CVE-2017-3066)",
"VulType": ["代码执行"],
"Tags": ["代码执行"],
"Description": "<p>Adobe ColdFusion是美国奥多比(Adobe)公司的一款动态Web服务器产品。</p><p>Adobe ColdFusion中存在java反序列化漏洞。攻击者可利用该漏洞在受影响应用程序的上下文中执行任意代码,导致接管服务器权限。</p>",
"Impact": "<p>Adobe ColdFusion中存在java反序列化漏洞。攻击者可利用该漏洞在受影响应用程序的上下文中执行任意代码,导致接管服务器权限。</p>",
"Product": "Adobe-ColdFusion",
"Recommendation": "<p>⼚商已发布了漏洞修复程序,请及时关注更新:<a href=\"https://helpx.adobe.com/security/products/coldfusion/apsb17-14.html\">https://helpx.adobe.com/security/products/coldfusion/apsb17-14.html</a></p><p>1、通过防⽕墙等安全设备设置访问策略,设置⽩名单访问。</p><p>2、如⾮必要,禁⽌公⽹访问该系统。</p>"
},
"EN": {
"Name": "Adobe ColdFusion Java Deserialization RCE (CVE-2017-3066)",
"VulType": ["rce"],
"Tags": ["rce"],
"Description": "<p>Adobe ColdFusion is a dynamic web server product of Adobe.</p><p>There is a java deserialization vulnerability in Adobe ColdFusion. An attacker can use this vulnerability to execute arbitrary code in the context of the affected application, resulting in the takeover of server permissions.</p>",
"Impact": "<p>There is a java deserialization vulnerability in Adobe ColdFusion. An attacker can use this vulnerability to execute arbitrary code in the context of the affected application, resulting in the takeover of server permissions.</p>",
"Product": "Adobe-ColdFusion",
"Recommendation": "<p>The vendor has released a bug fix, please pay attention to the update in time: <a href=\"https://helpx.adobe.com/security/products/coldfusion/apsb17-14.html\">https://helpx.adobe.com/security/products/coldfusion/apsb17-14.html</a></p><p>1. Set access policies and whitelist access through security devices such as firewalls.</p><p>2.If not necessary, prohibit public network access to the system.</p>"
}
},
"References": [
"https://fofa.so"
],
"HasExp": true,
"ExpParams": [
{
"name": "AttackType",
"type": "select",
"value": "goby_shell_linux"
}
],
"ExpTips": null,
"ScanSteps": null,
"Tags": [
"rce"
],
"VulType": [
"rce"
],
"CVEIDs": [
"CVE-2017-3066"
],
"CVSSScore": "9.8",
"AttackSurfaces": {
"Application": null,
"Support": ["Adobe-ColdFusion"],
"Service": null,
"System": null,
"Hardware": null
},
"CNNVD": [
"CNNVD-201704-1418"
],
"CNVD": [
""
]
}