The host is installed with Adobe ColdFusion 11 before Update 15, 2016 before Update 7 or 2018 before Update 1 and is prone to a de-serialization of untrusted data vulnerability. A flaw is present in the application, which fails to handle the unspecified vectors. Successful exploitation could allow an attacker to cause arbitrary code execution.