CVE-2015-5255 in Adobe and HP Products
Published on November 18, 2015

Adobe BlazeDS, as used in ColdFusion 10 before Update 18 and 11 before Update 7 and LiveCycle Data Services 3.0.x before 3.0.0.354175, 3.1.x before 3.1.0.354180, 4.5.x before 4.5.1.354177, 4.6.2.x before 4.6.2.354178, and 4.7.x before 4.7.0.354178, allows remote attackers to send HTTP traffic to intranet servers via a crafted XML document, related to a Server-Side Request Forgery (SSRF) issue.

Vendor Advisory NVD

Products Associated with CVE-2015-5255

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2015-5255 are published in these products:

Adobe ColdFusion

Adobe Livecycle Data Services

HP Xp7 Command View Advanced Edition

HP Xp P9000 Command View Advanced Edition

Exploit Probability

EPSS

2.90%

Percentile

86.15%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2015-5255 in Adobe and HP ProductsPublished on November 18, 2015

Products Associated with CVE-2015-5255

Exploit Probability

CVE-2015-5255 in Adobe and HP Products
Published on November 18, 2015