Description
Due to the vulnerability in ColdFusion's access control and the insecure WDDX deserialization vulnerability, an unauthenticated attacker might send a specially-crafted serialized request to execute arbitrary code on the system.
Remediation
Upgrade to the latest version of Adobe ColdFusion