Description
Adobe BlazeDS, as used in ColdFusion 10 before Update 18 and 11 before Update 7 and LiveCycle Data Services 3.0.x before 3.0.0.354175, 3.1.x before 3.1.0.354180, 4.5.x before 4.5.1.354177, 4.6.2.x before 4.6.2.354178, and 4.7.x before 4.7.0.354178, allows remote attackers to send HTTP traffic to intranet servers via a crafted XML document, related to a Server-Side Request Forgery (SSRF) issue.
References (9)
Core References
http://marc.info/?l=bugtraq&m=145996963420108&w=2 [Third Party Advisory; vendor-advisory; x_refsource_hp]
https://helpx.adobe.com/security/products/coldfusion/apsb15-29.html [Patch, Vendor Advisory; x_refsource_confirm]
http://packetstormsecurity.com/files/134506/Apache-Flex-BlazeDS-4.7.1-SSRF.html [Exploit, Third Party Advisory; x_refsource_misc]
http://www.securitytracker.com/id/1034210 [Third Party Advisory, VDB Entry; vdb-entry; x_refsource_sectrack]
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05073670 [Third Party Advisory; x_refsource_confirm]
http://www.vmware.com/security/advisories/VMSA-2015-0008.html [Vendor Advisory; x_refsource_confirm]
https://helpx.adobe.com/security/products/livecycleds/apsb15-30.html [Patch, Vendor Advisory; x_refsource_confirm]
http://www.securityfocus.com/archive/1/536958/100/0/threaded [Third Party Advisory, VDB Entry; mailing-list; x_refsource_bugtraq]
http://www.securityfocus.com/bid/77626 [Third Party Advisory, VDB Entry; vdb-entry; x_refsource_bid]
Scores
EPSS: 0.0290
EPSS Percentile: 86.5%
Details
CWE: CWE-20
Status: published
Products (8)
adobe/coldfusion < 10.0
adobe/coldfusion < 11.0
adobe/livecycle_data_services 3.0
adobe/livecycle_data_services 4.5
adobe/livecycle_data_services 4.6
adobe/livecycle_data_services 4.7
hp/xp7_command_view_advanced_edition
hp/xp_p9000_command_view_advanced_edition
Published: Nov 18, 2015
Tracked Since: Feb 18, 2026