WEB Adobe ColdFusion CVE-2023-38204 Insecure Deserialization
An insecure deserialization vulnerability exists in Adobe ColdFusion. The vulnerability is due to deserialization of untrusted data when processing HTTP parameters sent to ColdFusion Component (CFC) endpoints. A remote, unauthenticated, attacker could exploit this vulnerability by sending crafted requests to the target server. Successful exploitation could result in arbitrary code execution in the security context of SYSTEM.
Remote code execution
Update vendor's patch.
IPS Anomaly Group
IPS Rule Default Action