Fixed Intel

CISA Known Exploited Vulnerability

This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.

Remediation Deadline: Sep 7, 2022

CVE-2009-3960

High
EPSS 88.7%CISA KEVRansomware
Adobe/BlazeDS

Description

Adobe BlazeDS, which is utilized in LifeCycle and Coldfusion, contains a vulnerability that allows for information disclosure.

EPSS — Exploit Probability

88.7%

Higher than 99.5% of all CVEs

Required Action

https://nvd.nist.gov/vuln/detail/CVE-2009-3960

Risk Assessment

CRITICAL
In CISA KEV
High EPSS
Ransomware

Details

Severity
High
EPSS
88.7%
CISA KEV
Yes
Ransomware
Known
Articles
0

Timeline

Published

Mar 7, 2022

Added to KEV

Mar 7, 2022

Remediation Due

Sep 7, 2022

Affected Product

Adobe

BlazeDS

View all Adobe CVEs

External Links

NVD (NIST)CVE DetailsMITRE CVE