Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    37 vulnerabilities by imperva

    VAR-201004-0342

    Vulnerability from variot - Updated: 2023-12-18 13:58

    Imperva SecureSphere Web Application Firewall and Database Firewall 5.0.0.5082 through 7.0.0.7078 allow remote attackers to bypass intrusion-prevention functionality via a request that has an appended long string containing an unspecified manipulation. An attacker can exploit this issue to bypass firewall restrictions. Successful exploits may lead to other attacks. The Imperva SecureSphere Database Firewall monitors and proactively protects databases from internal abuse, database attacks, and unauthorized activity. Protection provided by the Imperva device against attacks such as SQL injection and Cross-Site Scripting is negated, allowing unfiltered requests through to protected applications.

    SEVERITY RATING

    Rating: High Risk - CVSS 7.8 (AV:N/AC:L/Au:N/C:N/I:C/A:N) Impact: Bypass security control Where: Remote

    THREAT EVALUATION

    An attacker can use this flaw to bypass firewall protections. Only minimal skill is required and the bypass can be incorporated into existing exploitation frameworks and security testing tools. Exploitation of this issue does not permanently affect the device; each evasion request must contain the bypass payload.

    IDENTIFYING VULNERABLE INSTALLATIONS

    Administrators can identify the current version in use by going to the Licensing menu in the administration console. Versions less than those identified in the Solutions section below are vulnerable.

    DETECTING EXPLOITATION

    The Imperva device provides no indication when this vulnerability is exploited. If other controls are in place such as network traffic monitors, IDS/IPS, or web filters, these should be configured to alert on payloads containing attack patterns. This includes all versions of SecureSphere from 5.0 through 7.0.

    SOLUTION

    The vendor has released patches for affected versions to address this issue. Customers are strongly encouraged to apply the update as soon as possible. Refer to http://www.imperva.com/resources/adc/adc_advisories_response_clearskies.html for upgrade instructions. No reliable workaround is available.

    The vendor has provided the following version and patch data:

    Version Patch Number 7.0.0.7078 Patch 11 7.0.0.7061 Patch 11 6.2.0.6463 Patch 24 6.2.0.6442 Patch 24 6.0.6.6302 Patch 30 6.0.6.6274 Patch 30 6.0.5.6238 Patch 30 6.0.5.6230 Patch 30 6.0.4.6128 Patch 30 5.0.0.5082 Patch 30 6.0.4.6128 on XOS 8.0/5 ssgw-6128-CBI10 7.0.0.7078 on XOS 8.5.3 ssgw-7.0.0.7267-CBI28

    VULNERABILITY ID

    CVE-2010-1329

    TIME TABLE

    2009-08-31 - Vendor notified. 2010-03-09 - Vendor released patched firmware. 2010-04-05 - Public notification

    REFERENCES

    http://www.clearskies.net/documents/css-advisory-css1001-imperva.php http://www.imperva.com/resources/adc/adc_advisories_response_clearskies.html

    CREDITS

    Scott Miles and Greag Johnson, Clear Skies Security, identified this flaw.

    Clear Skies would like to thank Mike Sanders and Accuvant Labs for their assistance in clarifying and working with the vendor to correct this issue.

    LEGAL NOTICES

    Disclaimer: The information in the advisory is believed to be accurate at the time of publishing and is subject to change without notice. Use of the information constitutes acceptance for use in an AS IS condition. There are no warranties with regard to this information. The author is not liable for any direct, indirect, or consequential loss or damage arising from use of, or reliance on, this information.

    Copyright 2010 Clear Skies Security, LLC. Permission is granted for the redistribution of this alert electronically. To reprint this alert, in whole or in part, in any other medium other than electronically, please e-mail info (at) clearskies (dot) net for permission

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201004-0342",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "securesphere web application firewall",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "imperva",
            "version": "6.0.4.6128"
          },
          {
            "model": "securesphere web application firewall",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "imperva",
            "version": "7.0.0.7078"
          },
          {
            "model": "securesphere database firewall",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "imperva",
            "version": "6.0.6.6302"
          },
          {
            "model": "securesphere database firewall",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "imperva",
            "version": "6.0.6.6274"
          },
          {
            "model": "securesphere database firewall",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "imperva",
            "version": "6.0.4.6128"
          },
          {
            "model": "securesphere database firewall",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "imperva",
            "version": "6.2.0.6463"
          },
          {
            "model": "securesphere database firewall",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "imperva",
            "version": "7.0.0.7061"
          },
          {
            "model": "securesphere database firewall",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "imperva",
            "version": "6.2.0.6442"
          },
          {
            "model": "securesphere database firewall",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "imperva",
            "version": "5.0.0.5082"
          },
          {
            "model": "securesphere database firewall",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "imperva",
            "version": "7.0.0.7078"
          },
          {
            "model": "securesphere web application firewall",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "imperva",
            "version": "6.0.6.6302"
          },
          {
            "model": "securesphere web application firewall",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "imperva",
            "version": "6.0.6.6274"
          },
          {
            "model": "securesphere web application firewall",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "imperva",
            "version": "6.0.5.6238"
          },
          {
            "model": "securesphere web application firewall",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "imperva",
            "version": "6.0.5.6230"
          },
          {
            "model": "securesphere web application firewall",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "imperva",
            "version": "7.0.0.7061"
          },
          {
            "model": "securesphere web application firewall",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "imperva",
            "version": "6.2.0.6463"
          },
          {
            "model": "securesphere database firewall",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "imperva",
            "version": "6.0.5.6238"
          },
          {
            "model": "securesphere database firewall",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "imperva",
            "version": "6.0.5.6230"
          },
          {
            "model": "securesphere web application firewall",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "imperva",
            "version": "5.0.0.5082"
          },
          {
            "model": "securesphere web application firewall",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "imperva",
            "version": "6.2.0.6442"
          },
          {
            "model": "securesphere database firewall",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "imperva",
            "version": ".0.0.5082 to  7.0.0.7078"
          },
          {
            "model": "securesphere web application firewall",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "imperva",
            "version": "5.0.0.5082 to  7.0.0.7078"
          },
          {
            "model": "securesphere web application firewall on xos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "imperva",
            "version": "7.0.70788.5.3"
          },
          {
            "model": "securesphere web application firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "imperva",
            "version": "6.2.6442"
          },
          {
            "model": "securesphere web application firewall on xos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "imperva",
            "version": "6.0.4.61288.0/5"
          },
          {
            "model": "securesphere web application firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "imperva",
            "version": "5.0.5082"
          },
          {
            "model": "securesphere mx management server and gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "imperva",
            "version": "6.0"
          },
          {
            "model": "securesphere mx management server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "imperva",
            "version": "5.x"
          },
          {
            "model": "securesphere mx management server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "imperva",
            "version": "5.0"
          },
          {
            "model": "securesphere database firewall on xos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "imperva",
            "version": "7.0.70788.5.3"
          },
          {
            "model": "securesphere database firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "imperva",
            "version": "7.0.7078"
          },
          {
            "model": "securesphere database firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "imperva",
            "version": "7.0.7061"
          },
          {
            "model": "securesphere database firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "imperva",
            "version": "6.2.6463"
          },
          {
            "model": "securesphere database firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "imperva",
            "version": "6.2.6442"
          },
          {
            "model": "securesphere database firewall on xos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "imperva",
            "version": "6.0.4.61288.0/5"
          },
          {
            "model": "securesphere database firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "imperva",
            "version": "5.0.5082"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "39472"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-002814"
          },
          {
            "db": "NVD",
            "id": "CVE-2010-1329"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201004-285"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:imperva:securesphere_web_application_firewall:6.0.5.6238:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:imperva:securesphere_web_application_firewall:5.0.0.5082:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:imperva:securesphere_web_application_firewall:6.0.6.6302:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:imperva:securesphere_web_application_firewall:6.2.0.6442:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:imperva:securesphere_web_application_firewall:6.2.0.6463:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:imperva:securesphere_web_application_firewall:7.0.0.7061:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:imperva:securesphere_web_application_firewall:6.0.5.6230:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:imperva:securesphere_web_application_firewall:6.0.6.6274:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:imperva:securesphere_database_firewall:7.0.0.7061:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:imperva:securesphere_database_firewall:5.0.0.5082:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:imperva:securesphere_database_firewall:6.0.6.6274:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:imperva:securesphere_database_firewall:6.0.6.6302:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:imperva:securesphere_database_firewall:6.2.0.6442:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:imperva:securesphere_database_firewall:6.2.0.6463:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:imperva:securesphere_database_firewall:6.0.5.6230:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:imperva:securesphere_database_firewall:6.0.5.6238:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:a:imperva:securesphere_web_application_firewall:6.0.4.6128:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:a:imperva:securesphere_database_firewall:6.0.4.6128:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:crossbeamsystems:xos:8.0\\/5:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:a:imperva:securesphere_database_firewall:7.0.0.7078:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:a:imperva:securesphere_web_application_firewall:7.0.0.7078:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:crossbeamsystems:xos:8.5.3:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2010-1329"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Scott Miles and Greag Johnson, Clear Skies Security",
        "sources": [
          {
            "db": "BID",
            "id": "39472"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201004-285"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2010-1329",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 7.8,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "impactScore": 6.9,
                "integrityImpact": "COMPLETE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:C/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 7.8,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2010-1329",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:C/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 7.8,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "VHN-43934",
                "impactScore": 6.9,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:N/I:C/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2010-1329",
                "trust": 1.8,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201004-285",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-43934",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-43934"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-002814"
          },
          {
            "db": "NVD",
            "id": "CVE-2010-1329"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201004-285"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Imperva SecureSphere Web Application Firewall and Database Firewall 5.0.0.5082 through 7.0.0.7078 allow remote attackers to bypass intrusion-prevention functionality via a request that has an appended long string containing an unspecified manipulation. \nAn attacker can exploit this issue to bypass firewall restrictions. Successful exploits may lead to other attacks. The Imperva SecureSphere Database Firewall \nmonitors and proactively protects databases from internal abuse, \ndatabase attacks, and unauthorized activity. Protection provided by the Imperva device against attacks \nsuch as SQL injection and Cross-Site Scripting is negated, allowing \nunfiltered requests through to protected applications. \n\nSEVERITY RATING\n===============\nRating: High Risk - CVSS 7.8 (AV:N/AC:L/Au:N/C:N/I:C/A:N) \nImpact: Bypass security control\nWhere:  Remote\n\nTHREAT EVALUATION\n=================\nAn attacker can use this flaw to bypass firewall protections. Only minimal skill is \nrequired and the bypass can be incorporated into existing exploitation \nframeworks and security testing tools. Exploitation of this issue does \nnot permanently affect the device; each evasion request must contain \nthe bypass payload. \n\nIDENTIFYING VULNERABLE INSTALLATIONS\n====================================\nAdministrators can identify the current version in use by going to the \nLicensing menu in the administration console. Versions less than those \nidentified in the Solutions section below are vulnerable. \n\nDETECTING EXPLOITATION\n======================\nThe Imperva device provides no indication when this vulnerability is \nexploited. If other controls are in place such as network traffic \nmonitors, IDS/IPS, or web filters, these should be configured to alert \non payloads containing attack patterns. This includes all versions of \nSecureSphere from 5.0 through 7.0. \n\nSOLUTION\n========\nThe vendor has released patches for affected versions to address this \nissue. Customers are strongly encouraged to apply the update as soon \nas possible. Refer to \nhttp://www.imperva.com/resources/adc/adc_advisories_response_clearskies.html \nfor upgrade instructions. No reliable workaround is available. \n\nThe vendor has provided the following version and patch data:\n\nVersion                  Patch Number\n7.0.0.7078               Patch 11\n7.0.0.7061               Patch 11\n6.2.0.6463               Patch 24\n6.2.0.6442               Patch 24\n6.0.6.6302               Patch 30\n6.0.6.6274               Patch 30\n6.0.5.6238               Patch 30\n6.0.5.6230               Patch 30\n6.0.4.6128               Patch 30\n5.0.0.5082               Patch 30\n6.0.4.6128 on XOS 8.0/5  ssgw-6128-CBI10\n7.0.0.7078 on XOS 8.5.3  ssgw-7.0.0.7267-CBI28\n \nVULNERABILITY ID\n================\nCVE-2010-1329 \n\nTIME TABLE\n==========\n2009-08-31 - Vendor notified. \n2010-03-09 - Vendor released patched firmware. \n2010-04-05 - Public notification\n\nREFERENCES\n==========\nhttp://www.clearskies.net/documents/css-advisory-css1001-imperva.php\nhttp://www.imperva.com/resources/adc/adc_advisories_response_clearskies.html \n\nCREDITS\n=======\nScott Miles and Greag Johnson, Clear Skies Security, identified this \nflaw. \n\nClear Skies would like to thank Mike Sanders and Accuvant Labs for \ntheir assistance in clarifying and working with the vendor to correct \nthis issue. \n\nLEGAL NOTICES\n=============\nDisclaimer: The information in the advisory is believed to be \naccurate at the time of publishing and is subject to change without \nnotice. Use of the information constitutes acceptance for use in an \nAS IS condition. There are no warranties with regard to this \ninformation. The author is not liable for any direct, indirect, or \nconsequential loss or damage arising from use of, or reliance on, \nthis information. \n\nCopyright 2010 Clear Skies Security, LLC. \nPermission is granted for the redistribution of this alert \nelectronically. To reprint this alert, in whole or in part, in any \nother medium other than electronically, please e-mail info (at) \nclearskies (dot) net for permission",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2010-1329"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-002814"
          },
          {
            "db": "BID",
            "id": "39472"
          },
          {
            "db": "VULHUB",
            "id": "VHN-43934"
          },
          {
            "db": "PACKETSTORM",
            "id": "88386"
          }
        ],
        "trust": 2.07
      },
      "exploit_availability": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-43934",
            "trust": 0.1,
            "type": "unknown"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-43934"
          }
        ]
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2010-1329",
            "trust": 2.9
          },
          {
            "db": "BID",
            "id": "39472",
            "trust": 2.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-002814",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201004-285",
            "trust": 0.7
          },
          {
            "db": "BUGTRAQ",
            "id": "20100413 IMPERVA SECURESPHERE WEB APPLICATION FIREWALL AND DATABASE FIREWALL BYPASS VULNERABILITY",
            "trust": 0.6
          },
          {
            "db": "PACKETSTORM",
            "id": "88386",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-43934",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-43934"
          },
          {
            "db": "BID",
            "id": "39472"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-002814"
          },
          {
            "db": "PACKETSTORM",
            "id": "88386"
          },
          {
            "db": "NVD",
            "id": "CVE-2010-1329"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201004-285"
          }
        ]
      },
      "id": "VAR-201004-0342",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-43934"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2023-12-18T13:58:01.761000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Imperva Security Response for CVE-2010-1329",
            "trust": 0.8,
            "url": "http://www.imperva.com/resources/adc/adc_advisories_response_clearskies.html"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-002814"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2010-1329"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.5,
            "url": "http://www.securityfocus.com/bid/39472"
          },
          {
            "trust": 2.1,
            "url": "http://www.imperva.com/resources/adc/adc_advisories_response_clearskies.html"
          },
          {
            "trust": 1.8,
            "url": "http://www.clearskies.net/documents/css-advisory-css1001-imperva.php"
          },
          {
            "trust": 1.1,
            "url": "http://www.securityfocus.com/archive/1/510709/100/0/threaded"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1329"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-1329"
          },
          {
            "trust": 0.6,
            "url": "http://www.securityfocus.com/archive/1/archive/1/510709/100/0/threaded"
          },
          {
            "trust": 0.3,
            "url": "http://www.imperva.com"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/510709"
          },
          {
            "trust": 0.1,
            "url": "http://www.imperva.com/products/securesphere-data-security-suite.html)"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-1329"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-43934"
          },
          {
            "db": "BID",
            "id": "39472"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-002814"
          },
          {
            "db": "PACKETSTORM",
            "id": "88386"
          },
          {
            "db": "NVD",
            "id": "CVE-2010-1329"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201004-285"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-43934"
          },
          {
            "db": "BID",
            "id": "39472"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-002814"
          },
          {
            "db": "PACKETSTORM",
            "id": "88386"
          },
          {
            "db": "NVD",
            "id": "CVE-2010-1329"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201004-285"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2010-04-15T00:00:00",
            "db": "VULHUB",
            "id": "VHN-43934"
          },
          {
            "date": "2010-04-14T00:00:00",
            "db": "BID",
            "id": "39472"
          },
          {
            "date": "2011-06-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2010-002814"
          },
          {
            "date": "2010-04-15T22:23:03",
            "db": "PACKETSTORM",
            "id": "88386"
          },
          {
            "date": "2010-04-15T17:30:00.553000",
            "db": "NVD",
            "id": "CVE-2010-1329"
          },
          {
            "date": "2010-04-15T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201004-285"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-10-10T00:00:00",
            "db": "VULHUB",
            "id": "VHN-43934"
          },
          {
            "date": "2010-04-14T00:00:00",
            "db": "BID",
            "id": "39472"
          },
          {
            "date": "2011-06-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2010-002814"
          },
          {
            "date": "2018-10-10T19:56:47.740000",
            "db": "NVD",
            "id": "CVE-2010-1329"
          },
          {
            "date": "2010-04-15T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201004-285"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201004-285"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Imperva SecureSphere of  Web Application Firewall and  Database Firewall In  intrusion-prevention Vulnerability that bypasses functionality",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-002814"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "lack of information",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201004-285"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202001-0021

    Vulnerability from variot - Updated: 2023-12-18 13:37

    Imperva SecureSphere Web Application Firewall (WAF) before 12-august-2010 allows SQL injection filter bypass. A security vulnerability exists in Imperva SecureSphere WAF prior to 12-august-2010. Attackers can use a specially crafted string to exploit this vulnerability to bypass SQL injection filters

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202001-0021",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "securesphere web application firewall",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "imperva",
            "version": "2010-08-12"
          },
          {
            "model": "securesphere web application firewall",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "imperva",
            "version": "12-august-2010"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-005563"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-5266"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:imperva:securesphere_web_application_firewall:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "2010-08-12",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2011-5266"
          }
        ]
      },
      "cve": "CVE-2011-5266",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 7.5,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "CVE-2011-5266",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-53211",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2011-5266",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2011-5266",
                "trust": 1.8,
                "value": "CRITICAL"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202001-279",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-53211",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-53211"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-005563"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-5266"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-279"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Imperva SecureSphere Web Application Firewall (WAF) before 12-august-2010 allows SQL injection filter bypass. A security vulnerability exists in Imperva SecureSphere WAF prior to 12-august-2010. Attackers can use a specially crafted string to exploit this vulnerability to bypass SQL injection filters",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2011-5266"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-005563"
          },
          {
            "db": "VULHUB",
            "id": "VHN-53211"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2011-5266",
            "trust": 2.5
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-005563",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-279",
            "trust": 0.7
          },
          {
            "db": "VULHUB",
            "id": "VHN-53211",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-53211"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-005563"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-5266"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-279"
          }
        ]
      },
      "id": "VAR-202001-0021",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-53211"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2023-12-18T13:37:59.590000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "https://www.imperva.com/"
          },
          {
            "title": "Imperva SecureSphere Web Application Firewall SQL Repair measures for injecting vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=108377"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-005563"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-279"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-89",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-53211"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-005563"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-5266"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.5,
            "url": "http://seclists.org/fulldisclosure/2011/may/163"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-5266"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-5266"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-53211"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-005563"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-5266"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-279"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-53211"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-005563"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-5266"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-279"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-01-08T00:00:00",
            "db": "VULHUB",
            "id": "VHN-53211"
          },
          {
            "date": "2020-01-31T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2011-005563"
          },
          {
            "date": "2020-01-08T23:15:10.283000",
            "db": "NVD",
            "id": "CVE-2011-5266"
          },
          {
            "date": "2020-01-08T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202001-279"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-01-15T00:00:00",
            "db": "VULHUB",
            "id": "VHN-53211"
          },
          {
            "date": "2020-01-31T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2011-005563"
          },
          {
            "date": "2020-01-15T20:32:02.430000",
            "db": "NVD",
            "id": "CVE-2011-5266"
          },
          {
            "date": "2022-03-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202001-279"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-279"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "SecureSphere Web Application Firewall In  SQL Injection vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-005563"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "SQL injection",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-279"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201106-0090

    Vulnerability from variot - Updated: 2023-12-18 12:45

    Cross-site scripting (XSS) vulnerability in the management GUI in the MX Management Server in Imperva SecureSphere Web Application Firewall 6.2, 7.x, and 8.x allows remote attackers to inject arbitrary web script or HTML via an HTTP request to a firewalled server, aka Bug ID 31759. An XSS vulnerability exists in the Imperva SecureSphere management GUI. Imperva Made SecureSphere Contains a cross-site scripting vulnerability. Imperva Provided by the company SecureSphere Contains a cross-site scripting vulnerability that results from the process of validating input on the management screen. For details, check the information provided by the developer.An arbitrary script may be executed on the user's web browser. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials, control how the site is rendered to the user, or launch other attacks. ----------------------------------------------------------------------

    Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY


    TITLE: SecureSphere Web Application Firewall Database Events Script Insertion Vulnerability

    SECUNIA ADVISORY ID: SA44772

    VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44772/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44772

    RELEASE DATE: 2011-06-01

    DISCUSS ADVISORY: http://secunia.com/advisories/44772/#comments

    AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)

    http://secunia.com/advisories/44772/

    ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS

    https://ca.secunia.com/?page=viewadvisory&vuln_id=44772

    ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING

    http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

    DESCRIPTION: A vulnerability has been reported in SecureSphere Web Application Firewall, which can be exploited by malicious people to conduct script insertion attacks.

    Certain input passed to a web server protected by SecureSphere is not properly sanitised before being displayed to the user.

    The vulnerability is reported in version 6.2, 7.x, and 8.x.

    SOLUTION: Apply patches.

    Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

    PROVIDED AND/OR DISCOVERED BY: Sean Talbot, Dell SecureWorks

    ORIGINAL ADVISORY: Imperva: http://www.imperva.com/resources/adc/adc_advisories_response_secureworks.html

    SecureWorks: http://www.secureworks.com/research/advisories/SWRX-2011-001/

    OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

    DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

    EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

    EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

    EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/


    About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

    Subscribe: http://secunia.com/advisories/secunia_security_advisories/

    Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


    Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201106-0090",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "securesphere web application firewall",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "imperva",
            "version": "8.5"
          },
          {
            "model": "securesphere web application firewall",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "imperva",
            "version": "8.0"
          },
          {
            "model": "securesphere web application firewall",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "imperva",
            "version": "7.5"
          },
          {
            "model": "securesphere web application firewall",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "imperva",
            "version": "7.0"
          },
          {
            "model": "securesphere web application firewall",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "imperva",
            "version": "6.2"
          },
          {
            "model": "securesphere web application firewall",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "imperva",
            "version": "7.0.0.7078"
          },
          {
            "model": "securesphere web application firewall",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "imperva",
            "version": "7.0.0.7061"
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "imperva",
            "version": null
          },
          {
            "model": "securesphere web application firewall",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "imperva",
            "version": "6.2 mx management server"
          },
          {
            "model": "securesphere web application firewall",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "imperva",
            "version": "7.x mx management server"
          },
          {
            "model": "securesphere web application firewall",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "imperva",
            "version": "8.x mx management server"
          },
          {
            "model": "securesphere mx management server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "imperva",
            "version": "8.5"
          },
          {
            "model": "securesphere mx management server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "imperva",
            "version": "8.0"
          },
          {
            "model": "securesphere mx management server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "imperva",
            "version": "7.5"
          },
          {
            "model": "securesphere mx management server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "imperva",
            "version": "7.0"
          },
          {
            "model": "securesphere mx management server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "imperva",
            "version": "6.2"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#567774"
          },
          {
            "db": "BID",
            "id": "48062"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-001705"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-0767"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201106-002"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:imperva:securesphere_web_application_firewall:7.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:imperva:securesphere_web_application_firewall:8.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:imperva:securesphere_web_application_firewall:6.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:imperva:securesphere_web_application_firewall:7.0.0.7061:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:imperva:securesphere_web_application_firewall:7.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:imperva:securesphere_web_application_firewall:8.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:imperva:securesphere_web_application_firewall:7.0.0.7078:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2011-0767"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Sean Talbot of Dell SecureWorks.",
        "sources": [
          {
            "db": "BID",
            "id": "48062"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2011-0767",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "MEDIUM",
                "trust": 1.0,
                "userInteractionRequired": true,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 4.3,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2011-0767",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "id": "VHN-48712",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2011-0767",
                "trust": 1.8,
                "value": "MEDIUM"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#567774",
                "trust": 0.8,
                "value": "1.61"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201106-002",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-48712",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#567774"
          },
          {
            "db": "VULHUB",
            "id": "VHN-48712"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-001705"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-0767"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201106-002"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Cross-site scripting (XSS) vulnerability in the management GUI in the MX Management Server in Imperva SecureSphere Web Application Firewall 6.2, 7.x, and 8.x allows remote attackers to inject arbitrary web script or HTML via an HTTP request to a firewalled server, aka Bug ID 31759. An XSS vulnerability exists in the Imperva SecureSphere management GUI. Imperva Made SecureSphere Contains a cross-site scripting vulnerability. Imperva Provided by the company SecureSphere Contains a cross-site scripting vulnerability that results from the process of validating input on the management screen. For details, check the information provided by the developer.An arbitrary script may be executed on the user\u0027s web browser. \nAn attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials, control how the site is rendered to the user, or launch other attacks. ----------------------------------------------------------------------\n\n\nAlerts when vulnerabilities pose a threat to your infrastructure\nThe enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. \nWatch our quick solution overview:\nhttp://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY\n\n\n----------------------------------------------------------------------\n\nTITLE:\nSecureSphere Web Application Firewall Database Events Script\nInsertion Vulnerability\n\nSECUNIA ADVISORY ID:\nSA44772\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/44772/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=44772\n\nRELEASE DATE:\n2011-06-01\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/44772/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/44772/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=44772\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been reported in SecureSphere Web Application\nFirewall, which can be exploited by malicious people to conduct\nscript insertion attacks. \n\nCertain input passed to a web server protected by SecureSphere is not\nproperly sanitised before being displayed to the user. \n\nThe vulnerability is reported in version 6.2, 7.x, and 8.x. \n\nSOLUTION:\nApply patches. \n\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nPROVIDED AND/OR DISCOVERED BY:\nSean Talbot, Dell SecureWorks\n\nORIGINAL ADVISORY:\nImperva:\nhttp://www.imperva.com/resources/adc/adc_advisories_response_secureworks.html\n\nSecureWorks:\nhttp://www.secureworks.com/research/advisories/SWRX-2011-001/\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2011-0767"
          },
          {
            "db": "CERT/CC",
            "id": "VU#567774"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-001705"
          },
          {
            "db": "BID",
            "id": "48062"
          },
          {
            "db": "VULHUB",
            "id": "VHN-48712"
          },
          {
            "db": "PACKETSTORM",
            "id": "101907"
          }
        ],
        "trust": 2.79
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#567774",
            "trust": 3.6
          },
          {
            "db": "NVD",
            "id": "CVE-2011-0767",
            "trust": 2.8
          },
          {
            "db": "SECUNIA",
            "id": "44772",
            "trust": 2.6
          },
          {
            "db": "XF",
            "id": "67779",
            "trust": 1.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-001705",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201106-002",
            "trust": 0.7
          },
          {
            "db": "BID",
            "id": "48062",
            "trust": 0.4
          },
          {
            "db": "VULHUB",
            "id": "VHN-48712",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "101907",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#567774"
          },
          {
            "db": "VULHUB",
            "id": "VHN-48712"
          },
          {
            "db": "BID",
            "id": "48062"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-001705"
          },
          {
            "db": "PACKETSTORM",
            "id": "101907"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-0767"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201106-002"
          }
        ]
      },
      "id": "VAR-201106-0090",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-48712"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2023-12-18T12:45:53.199000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Imperva Security Response for CVE-2011-0767",
            "trust": 0.8,
            "url": "http://www.imperva.com/resources/adc/adc_advisories_response_secureworks.html"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-001705"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-79",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-48712"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-001705"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-0767"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.9,
            "url": "http://www.imperva.com/resources/adc/adc_advisories_response_secureworks.html"
          },
          {
            "trust": 2.8,
            "url": "http://www.kb.cert.org/vuls/id/567774"
          },
          {
            "trust": 2.6,
            "url": "http://www.secureworks.com/research/advisories/swrx-2011-001/"
          },
          {
            "trust": 2.5,
            "url": "http://secunia.com/advisories/44772"
          },
          {
            "trust": 1.4,
            "url": "http://xforce.iss.net/xforce/xfdb/67779"
          },
          {
            "trust": 1.1,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67779"
          },
          {
            "trust": 0.8,
            "url": "http://app.demand.imperva.com/e/er.aspx?s=466\u0026lid=794\u0026elq=fd4f3793140c4eb8b440d242b3d56e7a"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0767"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnvu567774"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0767"
          },
          {
            "trust": 0.3,
            "url": "http://www.imperva.com"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/44772/#comments"
          },
          {
            "trust": 0.1,
            "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=44772"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/products/corporate/evm/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/secunia_security_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
          },
          {
            "trust": 0.1,
            "url": "http://www.youtube.com/user/secunia#p/a/u/0/m1y9sjqr2sy"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/44772/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_scanning/personal/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/about_secunia_advisories/"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#567774"
          },
          {
            "db": "VULHUB",
            "id": "VHN-48712"
          },
          {
            "db": "BID",
            "id": "48062"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-001705"
          },
          {
            "db": "PACKETSTORM",
            "id": "101907"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-0767"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201106-002"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#567774"
          },
          {
            "db": "VULHUB",
            "id": "VHN-48712"
          },
          {
            "db": "BID",
            "id": "48062"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-001705"
          },
          {
            "db": "PACKETSTORM",
            "id": "101907"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-0767"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201106-002"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2011-05-31T00:00:00",
            "db": "CERT/CC",
            "id": "VU#567774"
          },
          {
            "date": "2011-06-06T00:00:00",
            "db": "VULHUB",
            "id": "VHN-48712"
          },
          {
            "date": "2011-05-23T00:00:00",
            "db": "BID",
            "id": "48062"
          },
          {
            "date": "2011-06-16T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2011-001705"
          },
          {
            "date": "2011-06-01T11:46:40",
            "db": "PACKETSTORM",
            "id": "101907"
          },
          {
            "date": "2011-06-06T19:55:01.427000",
            "db": "NVD",
            "id": "CVE-2011-0767"
          },
          {
            "date": "2011-06-03T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201106-002"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2011-05-31T00:00:00",
            "db": "CERT/CC",
            "id": "VU#567774"
          },
          {
            "date": "2017-08-17T00:00:00",
            "db": "VULHUB",
            "id": "VHN-48712"
          },
          {
            "date": "2011-05-23T00:00:00",
            "db": "BID",
            "id": "48062"
          },
          {
            "date": "2011-06-16T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2011-001705"
          },
          {
            "date": "2017-08-17T01:33:43.993000",
            "db": "NVD",
            "id": "CVE-2011-0767"
          },
          {
            "date": "2011-06-15T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201106-002"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201106-002"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Imperva SecureSphere management GUI contains an XSS vulnerability",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#567774"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "XSS",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201106-002"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202201-2027

    Vulnerability from variot - Updated: 2023-12-18 12:15

    Imperva Web Application Firewall (WAF) before 2021-12-23 allows remote unauthenticated attackers to use "Content-Encoding: gzip" to evade WAF security controls and send malicious HTTP POST requests to web servers behind the WAF. Imperva Web Application Firewall (WAF) for, HTTP There is a vulnerability related to request smuggling.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202201-2027",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "web application firewall",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "imperva",
            "version": "2021-12-23"
          },
          {
            "model": "web application firewall",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "imperva",
            "version": "2021/12/23"
          },
          {
            "model": "web application firewall",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "imperva",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-003369"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45468"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:imperva:web_application_firewall:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "2021-12-23",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-45468"
          }
        ]
      },
      "cve": "CVE-2021-45468",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 7.5,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "CVE-2021-45468",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-409099",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2021-45468",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2021-45468",
                "trust": 1.8,
                "value": "CRITICAL"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202201-1325",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-409099",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-409099"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-003369"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45468"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202201-1325"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Imperva Web Application Firewall (WAF) before 2021-12-23 allows remote unauthenticated attackers to use \"Content-Encoding: gzip\" to evade WAF security controls and send malicious HTTP POST requests to web servers behind the WAF. Imperva Web Application Firewall (WAF) for, HTTP There is a vulnerability related to request smuggling.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-45468"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-003369"
          },
          {
            "db": "VULHUB",
            "id": "VHN-409099"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2021-45468",
            "trust": 3.3
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-003369",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202201-1325",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-409099",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-409099"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-003369"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45468"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202201-1325"
          }
        ]
      },
      "id": "VAR-202201-2027",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-409099"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2023-12-18T12:15:58.796000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Web\u00a0Application\u00a0Firewall\u00a0(WAF)",
            "trust": 0.8,
            "url": "https://www.imperva.com/products/web-application-firewall-waf/"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-003369"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-444",
            "trust": 1.1
          },
          {
            "problemtype": "HTTP Request Smuggling (CWE-444) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-409099"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-003369"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45468"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.5,
            "url": "https://bishopfox.com/blog/imperva-eliminates-critical-exposure"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-45468"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-409099"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-003369"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45468"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202201-1325"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-409099"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-003369"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45468"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202201-1325"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-01-14T00:00:00",
            "db": "VULHUB",
            "id": "VHN-409099"
          },
          {
            "date": "2023-02-15T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-003369"
          },
          {
            "date": "2022-01-14T18:15:10.203000",
            "db": "NVD",
            "id": "CVE-2021-45468"
          },
          {
            "date": "2022-01-14T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202201-1325"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-01-21T00:00:00",
            "db": "VULHUB",
            "id": "VHN-409099"
          },
          {
            "date": "2023-02-15T09:05:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-003369"
          },
          {
            "date": "2022-01-21T19:57:44.767000",
            "db": "NVD",
            "id": "CVE-2021-45468"
          },
          {
            "date": "2022-01-24T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202201-1325"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202201-1325"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Imperva\u00a0Web\u00a0Application\u00a0Firewall\u00a0 In \u00a0HTTP\u00a0 Request Smuggling Vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-003369"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "environmental issue",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202201-1325"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201409-0042

    Vulnerability from variot - Updated: 2023-12-18 11:45

    Cross-site scripting (XSS) vulnerability in the Violations Table in the management GUI in the MX Management Server in Imperva SecureSphere Web Application Firewall (WAF) 9.0 allows remote attackers to inject arbitrary web script or HTML via the username field. Imperva SecureSphere Web Application Firewall is prone to an HTML-injection vulnerability prone to an because they fail to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials, control how the site is rendered to the user, or launch other attacks. SecureSphere Web Application Firewall 9.0 is vulnerable. ----------------------------------------------------------------------

    Secunia presentations @ RSA Conference 2012, San Francisco, USA, 27 Feb-02 March Listen to our Chief Security Specialist, Research Analyst Director, and Director Product Management & Quality Assurance discuss the industry's key topics. Also, visit the Secunia stand #817. Find out more: http://www.rsaconference.com/events/2012/usa/index.htm


    TITLE: SecureSphere Web Application Firewall Username Script Insertion Vulnerability

    SECUNIA ADVISORY ID: SA48086

    VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/48086/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=48086

    RELEASE DATE: 2012-02-17

    DISCUSS ADVISORY: http://secunia.com/advisories/48086/#comments

    AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)

    http://secunia.com/advisories/48086/

    ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS

    https://ca.secunia.com/?page=viewadvisory&vuln_id=48086

    ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING

    http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

    DESCRIPTION: Roger Wemyss has reported a vulnerability in SecureSphere Web Application Firewall, which can be exploited by malicious people to conduct script insertion attacks.

    Certain input passed to a web server protected by SecureSphere is not properly sanitised before being displayed to the user.

    The vulnerability is reported in version 9.0.

    SOLUTION: Update to version 9.0 Patch 1.

    PROVIDED AND/OR DISCOVERED BY: Roger Wemyss, Dell SecureWorks

    ORIGINAL ADVISORY: SecureSphere: http://www.imperva.com/resources/adc/adc_advisories_response_secureworks_CVE-2011-4887.html

    Dell SecureWorks: http://www.secureworks.com/research/advisories/SWRX-2012-002/

    OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/


    About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

    Subscribe: http://secunia.com/advisories/secunia_security_advisories/

    Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


    Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


    . This fixes a vulnerability, which can be exploited by malicious people to compromise an application using the library.

    For more information see vulnerability #6 in: SA47816

    SOLUTION: Apply updated packages

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201409-0042",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "securesphere web application firewall",
            "scope": "eq",
            "trust": 2.7,
            "vendor": "imperva",
            "version": "9.0"
          },
          {
            "model": "securesphere web application firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "imperva",
            "version": "8.5"
          },
          {
            "model": "securesphere web application firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "imperva",
            "version": "8.0"
          },
          {
            "model": "securesphere web application firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "imperva",
            "version": "7.5"
          },
          {
            "model": "securesphere web application firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "imperva",
            "version": "7.0"
          },
          {
            "model": "securesphere web application firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "imperva",
            "version": "6.2"
          },
          {
            "model": "securesphere web application firewall patch",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "imperva",
            "version": "9.01"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "52064"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-005340"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-4887"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201202-365"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:imperva:securesphere_web_application_firewall:9.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2011-4887"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Roger Wemyss of Dell SecureWorks",
        "sources": [
          {
            "db": "BID",
            "id": "52064"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201202-365"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2011-4887",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "MEDIUM",
                "trust": 1.0,
                "userInteractionRequired": true,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 4.3,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2011-4887",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "id": "VHN-52832",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2011-4887",
                "trust": 1.8,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201202-365",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-52832",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-52832"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-005340"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-4887"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201202-365"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Cross-site scripting (XSS) vulnerability in the Violations Table in the management GUI in the MX Management Server in Imperva SecureSphere Web Application Firewall (WAF) 9.0 allows remote attackers to inject arbitrary web script or HTML via the username field. Imperva SecureSphere Web Application Firewall is prone to an HTML-injection vulnerability prone to an  because they fail to properly sanitize user-supplied input. \nAn attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials, control how the site is rendered to the user, or launch other attacks. \nSecureSphere Web Application Firewall 9.0 is vulnerable. ----------------------------------------------------------------------\n\nSecunia presentations @ RSA Conference 2012, San Francisco, USA, 27 Feb-02 March\nListen to our Chief Security Specialist, Research Analyst Director, and Director Product Management \u0026 Quality Assurance discuss the industry\u0027s key topics. Also, visit the Secunia stand #817. Find out more: http://www.rsaconference.com/events/2012/usa/index.htm\n\n----------------------------------------------------------------------\n\nTITLE:\nSecureSphere Web Application Firewall Username Script Insertion\nVulnerability\n\nSECUNIA ADVISORY ID:\nSA48086\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/48086/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=48086\n\nRELEASE DATE:\n2012-02-17\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/48086/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/48086/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=48086\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nRoger Wemyss has reported a vulnerability in SecureSphere Web\nApplication Firewall, which can be exploited by malicious people to\nconduct script insertion attacks. \n\nCertain input passed to a web server protected by SecureSphere is not\nproperly sanitised before being displayed to the user. \n\nThe vulnerability is reported in version 9.0. \n\nSOLUTION:\nUpdate to version 9.0 Patch 1. \n\nPROVIDED AND/OR DISCOVERED BY:\nRoger Wemyss, Dell SecureWorks\n\nORIGINAL ADVISORY:\nSecureSphere:\nhttp://www.imperva.com/resources/adc/adc_advisories_response_secureworks_CVE-2011-4887.html\n\nDell SecureWorks:\nhttp://www.secureworks.com/research/advisories/SWRX-2012-002/\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. This fixes a\nvulnerability, which can be exploited by malicious people to\ncompromise an application using the library. \n\nFor more information see vulnerability #6 in:\nSA47816\n\nSOLUTION:\nApply updated packages",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2011-4887"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-005340"
          },
          {
            "db": "BID",
            "id": "52064"
          },
          {
            "db": "VULHUB",
            "id": "VHN-52832"
          },
          {
            "db": "PACKETSTORM",
            "id": "109926"
          },
          {
            "db": "PACKETSTORM",
            "id": "110051"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2011-4887",
            "trust": 2.9
          },
          {
            "db": "BID",
            "id": "52064",
            "trust": 2.0
          },
          {
            "db": "SECUNIA",
            "id": "48086",
            "trust": 1.9
          },
          {
            "db": "OSVDB",
            "id": "79338",
            "trust": 1.7
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-005340",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201202-365",
            "trust": 0.7
          },
          {
            "db": "SECUNIA",
            "id": "48095",
            "trust": 0.7
          },
          {
            "db": "NSFOCUS",
            "id": "18796",
            "trust": 0.6
          },
          {
            "db": "XF",
            "id": "73264",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-52832",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "109926",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "110051",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-52832"
          },
          {
            "db": "BID",
            "id": "52064"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-005340"
          },
          {
            "db": "PACKETSTORM",
            "id": "109926"
          },
          {
            "db": "PACKETSTORM",
            "id": "110051"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-4887"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201202-365"
          }
        ]
      },
      "id": "VAR-201409-0042",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-52832"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2023-12-18T11:45:27.522000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Imperva Security Response for CVE-2011-4887",
            "trust": 0.8,
            "url": "http://www.imperva.com/services/adc_advisories_response_secureworks_cve_2011_4887"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-005340"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-79",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-52832"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-005340"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-4887"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.5,
            "url": "http://www.secureworks.com/cyber-threat-intelligence/advisories/swrx-2012-002/"
          },
          {
            "trust": 2.3,
            "url": "http://secunia.com/advisories/48086"
          },
          {
            "trust": 1.7,
            "url": "http://www.securityfocus.com/bid/52064"
          },
          {
            "trust": 1.7,
            "url": "http://www.imperva.com/services/adc_advisories_response_secureworks_cve_2011_4887"
          },
          {
            "trust": 1.7,
            "url": "http://osvdb.org/79338"
          },
          {
            "trust": 1.1,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73264"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4887"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4887"
          },
          {
            "trust": 0.6,
            "url": "http://xforce.iss.net/xforce/xfdb/73264"
          },
          {
            "trust": 0.6,
            "url": "http://secunia.com/advisories/48095"
          },
          {
            "trust": 0.6,
            "url": "http://www.nsfocus.net/vulndb/18796"
          },
          {
            "trust": 0.4,
            "url": "http://www.secureworks.com/research/advisories/swrx-2012-002/"
          },
          {
            "trust": 0.4,
            "url": "http://www.imperva.com/resources/adc/adc_advisories_response_secureworks_cve-2011-4887.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.imperva.com"
          },
          {
            "trust": 0.2,
            "url": "http://secunia.com/vulnerability_intelligence/"
          },
          {
            "trust": 0.2,
            "url": "http://www.rsaconference.com/events/2012/usa/index.htm"
          },
          {
            "trust": 0.2,
            "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
          },
          {
            "trust": 0.2,
            "url": "http://secunia.com/advisories/secunia_security_advisories/"
          },
          {
            "trust": 0.2,
            "url": "http://secunia.com/vulnerability_scanning/personal/"
          },
          {
            "trust": 0.2,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.2,
            "url": "http://secunia.com/advisories/about_secunia_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/48086/#comments"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/48086/"
          },
          {
            "trust": 0.1,
            "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=48086"
          },
          {
            "trust": 0.1,
            "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=48095"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/48095/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/48095/#comments"
          },
          {
            "trust": 0.1,
            "url": "http://www.ubuntu.com/usn/usn-1370-1"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-52832"
          },
          {
            "db": "BID",
            "id": "52064"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-005340"
          },
          {
            "db": "PACKETSTORM",
            "id": "109926"
          },
          {
            "db": "PACKETSTORM",
            "id": "110051"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-4887"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201202-365"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-52832"
          },
          {
            "db": "BID",
            "id": "52064"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-005340"
          },
          {
            "db": "PACKETSTORM",
            "id": "109926"
          },
          {
            "db": "PACKETSTORM",
            "id": "110051"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-4887"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201202-365"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2014-09-11T00:00:00",
            "db": "VULHUB",
            "id": "VHN-52832"
          },
          {
            "date": "2012-02-17T00:00:00",
            "db": "BID",
            "id": "52064"
          },
          {
            "date": "2014-09-12T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2011-005340"
          },
          {
            "date": "2012-02-18T07:59:05",
            "db": "PACKETSTORM",
            "id": "109926"
          },
          {
            "date": "2012-02-22T08:41:39",
            "db": "PACKETSTORM",
            "id": "110051"
          },
          {
            "date": "2014-09-11T14:16:02.897000",
            "db": "NVD",
            "id": "CVE-2011-4887"
          },
          {
            "date": "1900-01-01T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201202-365"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-08-29T00:00:00",
            "db": "VULHUB",
            "id": "VHN-52832"
          },
          {
            "date": "2012-02-17T00:00:00",
            "db": "BID",
            "id": "52064"
          },
          {
            "date": "2014-09-12T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2011-005340"
          },
          {
            "date": "2017-08-29T01:30:37.710000",
            "db": "NVD",
            "id": "CVE-2011-4887"
          },
          {
            "date": "2014-09-15T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201202-365"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201202-365"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Imperva SecureSphere Web Application Firewall of  MX Management Server Management  GUI Vulnerable to cross-site scripting",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-005340"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "XSS",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201202-365"
          }
        ],
        "trust": 0.6
      }
    }

    CVE-2021-45468 (GCVE-0-2021-45468)

    Vulnerability from nvd – Published: 2022-01-14 17:58 – Updated: 2024-08-04 04:39
    VLAI
    Summary
    Imperva Web Application Firewall (WAF) before 2021-12-23 allows remote unauthenticated attackers to use "Content-Encoding: gzip" to evade WAF security controls and send malicious HTTP POST requests to web servers behind the WAF.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T04:39:21.099Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://bishopfox.com/blog/imperva-eliminates-critical-exposure"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Imperva Web Application Firewall (WAF) before 2021-12-23 allows remote unauthenticated attackers to use \"Content-Encoding: gzip\" to evade WAF security controls and send malicious HTTP POST requests to web servers behind the WAF."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-01-14T22:24:16.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://bishopfox.com/blog/imperva-eliminates-critical-exposure"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2021-45468",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Imperva Web Application Firewall (WAF) before 2021-12-23 allows remote unauthenticated attackers to use \"Content-Encoding: gzip\" to evade WAF security controls and send malicious HTTP POST requests to web servers behind the WAF."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://bishopfox.com/blog/imperva-eliminates-critical-exposure",
                  "refsource": "MISC",
                  "url": "https://bishopfox.com/blog/imperva-eliminates-critical-exposure"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-45468",
        "datePublished": "2022-01-14T17:58:09.000Z",
        "dateReserved": "2021-12-23T00:00:00.000Z",
        "dateUpdated": "2024-08-04T04:39:21.099Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-5266 (GCVE-0-2011-5266)

    Vulnerability from nvd – Published: 2020-01-08 22:43 – Updated: 2024-08-07 00:30
    VLAI
    Summary
    Imperva SecureSphere Web Application Firewall (WAF) before 12-august-2010 allows SQL injection filter bypass.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2011-06-05 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T00:30:46.932Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2011/May/163"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-06-05T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Imperva SecureSphere Web Application Firewall (WAF) before 12-august-2010 allows SQL injection filter bypass."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-01-08T22:43:52.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2011/May/163"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2011-5266",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Imperva SecureSphere Web Application Firewall (WAF) before 12-august-2010 allows SQL injection filter bypass."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://seclists.org/fulldisclosure/2011/May/163",
                  "refsource": "MISC",
                  "url": "http://seclists.org/fulldisclosure/2011/May/163"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2011-5266",
        "datePublished": "2020-01-08T22:43:52.000Z",
        "dateReserved": "2013-07-12T00:00:00.000Z",
        "dateUpdated": "2024-08-07T00:30:46.932Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-16660 (GCVE-0-2018-16660)

    Vulnerability from nvd – Published: 2019-04-25 19:40 – Updated: 2024-08-05 10:32
    VLAI
    Summary
    A command injection vulnerability in PWS in Imperva SecureSphere 13.0.0.10 and 13.1.0.10 Gateway allows an attacker with authenticated access to execute arbitrary OS commands on a vulnerable installation.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T10:32:53.521Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.imperva.com/products/securesphere/web-application-firewall/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/45542/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A command injection vulnerability in PWS in Imperva SecureSphere 13.0.0.10 and 13.1.0.10 Gateway allows an attacker with authenticated access to execute arbitrary OS commands on a vulnerable installation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-04-25T19:40:40.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.imperva.com/products/securesphere/web-application-firewall/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.exploit-db.com/exploits/45542/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2018-16660",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A command injection vulnerability in PWS in Imperva SecureSphere 13.0.0.10 and 13.1.0.10 Gateway allows an attacker with authenticated access to execute arbitrary OS commands on a vulnerable installation."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.imperva.com/products/securesphere/web-application-firewall/",
                  "refsource": "MISC",
                  "url": "https://www.imperva.com/products/securesphere/web-application-firewall/"
                },
                {
                  "name": "https://www.exploit-db.com/exploits/45542/",
                  "refsource": "MISC",
                  "url": "https://www.exploit-db.com/exploits/45542/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2018-16660",
        "datePublished": "2019-04-25T19:40:40.000Z",
        "dateReserved": "2018-09-07T00:00:00.000Z",
        "dateUpdated": "2024-08-05T10:32:53.521Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-5413 (GCVE-0-2018-5413)

    Vulnerability from nvd – Published: 2019-01-10 22:00 – Updated: 2024-08-05 05:33
    VLAI
    Summary
    Imperva SecureSphere running v13.0, v12.0, or v11.5 allows low privileged users to add SSH login keys to the admin user, resulting in privilege escalation.
    Severity
    No CVSS data available.
    CWE
    Assigner
    References
    URL Tags
    https://www.exploit-db.com/exploits/45130 exploitx_refsource_EXPLOIT-DB
    Impacted products
    Vendor Product Version
    Imperva SecureSphere Affected: unspecified , ≤ 13.0 (custom)
    Create a notification for this product.
    Date Public
    2019-01-10 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T05:33:44.378Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "45130",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/45130"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "SecureSphere",
              "vendor": "Imperva",
              "versions": [
                {
                  "lessThanOrEqual": "13.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2019-01-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Imperva SecureSphere running v13.0, v12.0, or v11.5 allows low privileged users to add SSH login keys to the admin user, resulting in privilege escalation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-250",
                  "description": "CWE-250",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-01-10T21:57:01.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "name": "45130",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/45130"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2018-5413",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "SecureSphere",
                          "version": {
                            "version_data": [
                              {
                                "affected": "\u003c=",
                                "version_affected": "\u003c=",
                                "version_value": "13.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Imperva"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Imperva SecureSphere running v13.0, v12.0, or v11.5 allows low privileged users to add SSH login keys to the admin user, resulting in privilege escalation."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-250"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "45130",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/45130"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2018-5413",
        "datePublished": "2019-01-10T22:00:00.000Z",
        "dateReserved": "2018-01-12T00:00:00.000Z",
        "dateUpdated": "2024-08-05T05:33:44.378Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-5403 (GCVE-0-2018-5403)

    Vulnerability from nvd – Published: 2019-01-10 22:00 – Updated: 2024-08-05 05:33
    VLAI
    Summary
    Imperva SecureSphere gateway (GW) running v13, for both pre-First Time Login or post-First Time Login (FTL), if the attacker knows the basic authentication passwords, the GW may be vulnerable to RCE through specially crafted requests, from the web access management interface.
    Severity
    No CVSS data available.
    CWE
    Assigner
    References
    URL Tags
    https://www.exploit-db.com/exploits/45542 exploitx_refsource_EXPLOIT-DB
    Impacted products
    Vendor Product Version
    Imperva SecureSphere Affected: 13.0
    Create a notification for this product.
    Date Public
    2019-01-10 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T05:33:44.444Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "45542",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/45542"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "SecureSphere",
              "vendor": "Imperva",
              "versions": [
                {
                  "status": "affected",
                  "version": "13.0"
                }
              ]
            }
          ],
          "datePublic": "2019-01-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Imperva SecureSphere gateway (GW) running v13, for both pre-First Time Login or post-First Time Login (FTL), if the attacker knows the basic authentication passwords, the GW may be vulnerable to RCE through specially crafted requests, from the web access management interface."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-77",
                  "description": "CWE-77",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-01-10T21:57:01.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "name": "45542",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/45542"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2018-5403",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "SecureSphere",
                          "version": {
                            "version_data": [
                              {
                                "affected": "=",
                                "version_affected": "=",
                                "version_value": "13.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Imperva"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Imperva SecureSphere gateway (GW) running v13, for both pre-First Time Login or post-First Time Login (FTL), if the attacker knows the basic authentication passwords, the GW may be vulnerable to RCE through specially crafted requests, from the web access management interface."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-77"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "45542",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/45542"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2018-5403",
        "datePublished": "2019-01-10T22:00:00.000Z",
        "dateReserved": "2018-01-12T00:00:00.000Z",
        "dateUpdated": "2024-08-05T05:33:44.444Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-5412 (GCVE-0-2018-5412)

    Vulnerability from nvd – Published: 2019-01-10 22:00 – Updated: 2024-08-05 05:33
    VLAI
    Summary
    Imperva SecureSphere running v12.0.0.50 is vulnerable to local arbitrary code execution, escaping sealed-mode.
    Severity
    No CVSS data available.
    CWE
    Assigner
    References
    URL Tags
    https://www.exploit-db.com/exploits/45132 exploitx_refsource_EXPLOIT-DB
    Impacted products
    Vendor Product Version
    Imperva SecureSphere Affected: 12.0.0.50
    Create a notification for this product.
    Date Public
    2019-01-10 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T05:33:44.408Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "45132",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/45132"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "SecureSphere",
              "vendor": "Imperva",
              "versions": [
                {
                  "status": "affected",
                  "version": "12.0.0.50"
                }
              ]
            }
          ],
          "datePublic": "2019-01-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Imperva SecureSphere running v12.0.0.50 is vulnerable to local arbitrary code execution, escaping sealed-mode."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-77",
                  "description": "CWE-77",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-01-10T21:57:01.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "name": "45132",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/45132"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2018-5412",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "SecureSphere",
                          "version": {
                            "version_data": [
                              {
                                "affected": "=",
                                "version_affected": "=",
                                "version_value": "12.0.0.50"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Imperva"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Imperva SecureSphere running v12.0.0.50 is vulnerable to local arbitrary code execution, escaping sealed-mode."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-77"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "45132",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/45132"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2018-5412",
        "datePublished": "2019-01-10T22:00:00.000Z",
        "dateReserved": "2018-01-12T00:00:00.000Z",
        "dateUpdated": "2024-08-05T05:33:44.408Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-19646 (GCVE-0-2018-19646)

    Vulnerability from nvd – Published: 2018-11-28 17:00 – Updated: 2024-09-17 02:42
    VLAI
    Summary
    The Python CGI scripts in PWS in Imperva SecureSphere 13.0.10, 13.1.10, and 13.2.10 allow remote attackers to execute arbitrary OS commands because command-line arguments are mishandled.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://www.exploit-db.com/exploits/45542 exploitx_refsource_EXPLOIT-DB
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T11:44:19.576Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "45542",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/45542"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Python CGI scripts in PWS in Imperva SecureSphere 13.0.10, 13.1.10, and 13.2.10 allow remote attackers to execute arbitrary OS commands because command-line arguments are mishandled."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-11-28T17:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "45542",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/45542"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2018-19646",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Python CGI scripts in PWS in Imperva SecureSphere 13.0.10, 13.1.10, and 13.2.10 allow remote attackers to execute arbitrary OS commands because command-line arguments are mishandled."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "45542",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/45542"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2018-19646",
        "datePublished": "2018-11-28T17:00:00.000Z",
        "dateReserved": "2018-11-28T00:00:00.000Z",
        "dateUpdated": "2024-09-17T02:42:18.949Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-4887 (GCVE-0-2011-4887)

    Vulnerability from nvd – Published: 2014-09-11 14:00 – Updated: 2024-08-07 00:16
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in the Violations Table in the management GUI in the MX Management Server in Imperva SecureSphere Web Application Firewall (WAF) 9.0 allows remote attackers to inject arbitrary web script or HTML via the username field.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.secureworks.com/cyber-threat-intellige… x_refsource_MISC
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/bid/52064 vdb-entryx_refsource_BID
    http://www.imperva.com/Services/adc_advisories_re… x_refsource_CONFIRM
    http://osvdb.org/79338 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/48086 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2012-02-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T00:16:35.130Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.secureworks.com/cyber-threat-intelligence/advisories/SWRX-2012-002/"
              },
              {
                "name": "securesphere-unspec-xss(73264)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73264"
              },
              {
                "name": "52064",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/52064"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.imperva.com/Services/adc_advisories_response_secureworks_CVE_2011_4887"
              },
              {
                "name": "79338",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/79338"
              },
              {
                "name": "48086",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/48086"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2012-02-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in the Violations Table in the management GUI in the MX Management Server in Imperva SecureSphere Web Application Firewall (WAF) 9.0 allows remote attackers to inject arbitrary web script or HTML via the username field."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.secureworks.com/cyber-threat-intelligence/advisories/SWRX-2012-002/"
            },
            {
              "name": "securesphere-unspec-xss(73264)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73264"
            },
            {
              "name": "52064",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/52064"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.imperva.com/Services/adc_advisories_response_secureworks_CVE_2011_4887"
            },
            {
              "name": "79338",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/79338"
            },
            {
              "name": "48086",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/48086"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2011-4887",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in the Violations Table in the management GUI in the MX Management Server in Imperva SecureSphere Web Application Firewall (WAF) 9.0 allows remote attackers to inject arbitrary web script or HTML via the username field."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.secureworks.com/cyber-threat-intelligence/advisories/SWRX-2012-002/",
                  "refsource": "MISC",
                  "url": "http://www.secureworks.com/cyber-threat-intelligence/advisories/SWRX-2012-002/"
                },
                {
                  "name": "securesphere-unspec-xss(73264)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73264"
                },
                {
                  "name": "52064",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/52064"
                },
                {
                  "name": "http://www.imperva.com/Services/adc_advisories_response_secureworks_CVE_2011_4887",
                  "refsource": "CONFIRM",
                  "url": "http://www.imperva.com/Services/adc_advisories_response_secureworks_CVE_2011_4887"
                },
                {
                  "name": "79338",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/79338"
                },
                {
                  "name": "48086",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/48086"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2011-4887",
        "datePublished": "2014-09-11T14:00:00.000Z",
        "dateReserved": "2011-12-21T00:00:00.000Z",
        "dateUpdated": "2024-08-07T00:16:35.130Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-4095 (GCVE-0-2013-4095)

    Vulnerability from nvd – Published: 2013-06-28 23:00 – Updated: 2024-09-16 22:55
    VLAI
    Summary
    plain/actionsets.html in the SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 allows remote authenticated users to execute arbitrary commands via a task with a [command].value field in conjunction with an [arguments].value field.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T16:30:50.000Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/121861/Imperva-SecureSphere-Operations-Manager-Command-Execution.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.digitalsec.net/stuff/explt+advs/Imperva-SecureSphere.OptMgr.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "plain/actionsets.html in the SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 allows remote authenticated users to execute arbitrary commands via a task with a [command].value field in conjunction with an [arguments].value field."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2013-06-28T23:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/121861/Imperva-SecureSphere-Operations-Manager-Command-Execution.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.digitalsec.net/stuff/explt+advs/Imperva-SecureSphere.OptMgr.txt"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2013-4095",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "plain/actionsets.html in the SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 allows remote authenticated users to execute arbitrary commands via a task with a [command].value field in conjunction with an [arguments].value field."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://packetstormsecurity.com/files/121861/Imperva-SecureSphere-Operations-Manager-Command-Execution.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/121861/Imperva-SecureSphere-Operations-Manager-Command-Execution.html"
                },
                {
                  "name": "http://www.digitalsec.net/stuff/explt+advs/Imperva-SecureSphere.OptMgr.txt",
                  "refsource": "MISC",
                  "url": "http://www.digitalsec.net/stuff/explt+advs/Imperva-SecureSphere.OptMgr.txt"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2013-4095",
        "datePublished": "2013-06-28T23:00:00.000Z",
        "dateReserved": "2013-06-11T00:00:00.000Z",
        "dateUpdated": "2024-09-16T22:55:28.439Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-4094 (GCVE-0-2013-4094)

    Vulnerability from nvd – Published: 2013-06-28 23:00 – Updated: 2024-09-17 02:06
    VLAI
    Summary
    The Key Management feature in the SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 allows remote authenticated users to upload executable files via the (1) private_key or (2) public_key parameter in a T/keyManagement request to plain/settings.html, as demonstrated by uploading a Linux ELF file and a shell script.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T16:30:49.919Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/121861/Imperva-SecureSphere-Operations-Manager-Command-Execution.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.digitalsec.net/stuff/explt+advs/Imperva-SecureSphere.OptMgr.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Key Management feature in the SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 allows remote authenticated users to upload executable files via the (1) private_key or (2) public_key parameter in a T/keyManagement request to plain/settings.html, as demonstrated by uploading a Linux ELF file and a shell script."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2013-06-28T23:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/121861/Imperva-SecureSphere-Operations-Manager-Command-Execution.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.digitalsec.net/stuff/explt+advs/Imperva-SecureSphere.OptMgr.txt"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2013-4094",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Key Management feature in the SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 allows remote authenticated users to upload executable files via the (1) private_key or (2) public_key parameter in a T/keyManagement request to plain/settings.html, as demonstrated by uploading a Linux ELF file and a shell script."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://packetstormsecurity.com/files/121861/Imperva-SecureSphere-Operations-Manager-Command-Execution.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/121861/Imperva-SecureSphere-Operations-Manager-Command-Execution.html"
                },
                {
                  "name": "http://www.digitalsec.net/stuff/explt+advs/Imperva-SecureSphere.OptMgr.txt",
                  "refsource": "MISC",
                  "url": "http://www.digitalsec.net/stuff/explt+advs/Imperva-SecureSphere.OptMgr.txt"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2013-4094",
        "datePublished": "2013-06-28T23:00:00.000Z",
        "dateReserved": "2013-06-11T00:00:00.000Z",
        "dateUpdated": "2024-09-17T02:06:13.851Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-4093 (GCVE-0-2013-4093)

    Vulnerability from nvd – Published: 2013-06-28 23:00 – Updated: 2024-09-17 02:42
    VLAI
    Summary
    The SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 allows remote attackers to obtain sensitive information via (1) a direct request to dwr/call/plaincall/AsyncOperationsContainer.getOperationState.dwr, which reveals the installation path in the s0.filePath field, or (2) a T/keyManagement request to plain/settings.html, which reveals a temporary path in an error message.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T16:30:49.895Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/121861/Imperva-SecureSphere-Operations-Manager-Command-Execution.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.digitalsec.net/stuff/explt+advs/Imperva-SecureSphere.OptMgr.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 allows remote attackers to obtain sensitive information via (1) a direct request to dwr/call/plaincall/AsyncOperationsContainer.getOperationState.dwr, which reveals the installation path in the s0.filePath field, or (2) a T/keyManagement request to plain/settings.html, which reveals a temporary path in an error message."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2013-06-28T23:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/121861/Imperva-SecureSphere-Operations-Manager-Command-Execution.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.digitalsec.net/stuff/explt+advs/Imperva-SecureSphere.OptMgr.txt"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2013-4093",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 allows remote attackers to obtain sensitive information via (1) a direct request to dwr/call/plaincall/AsyncOperationsContainer.getOperationState.dwr, which reveals the installation path in the s0.filePath field, or (2) a T/keyManagement request to plain/settings.html, which reveals a temporary path in an error message."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://packetstormsecurity.com/files/121861/Imperva-SecureSphere-Operations-Manager-Command-Execution.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/121861/Imperva-SecureSphere-Operations-Manager-Command-Execution.html"
                },
                {
                  "name": "http://www.digitalsec.net/stuff/explt+advs/Imperva-SecureSphere.OptMgr.txt",
                  "refsource": "MISC",
                  "url": "http://www.digitalsec.net/stuff/explt+advs/Imperva-SecureSphere.OptMgr.txt"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2013-4093",
        "datePublished": "2013-06-28T23:00:00.000Z",
        "dateReserved": "2013-06-11T00:00:00.000Z",
        "dateUpdated": "2024-09-17T02:42:03.092Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-4092 (GCVE-0-2013-4092)

    Vulnerability from nvd – Published: 2013-06-28 23:00 – Updated: 2024-09-17 01:41
    VLAI
    Summary
    The SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 allows context-dependent attackers to obtain sensitive information by leveraging the presence of (1) a session ID in the jsessionid field to secsphLogin.jsp or (2) credentials in the j_password parameter to j_acegi_security_check, and reading (a) web-server access logs, (b) web-server Referer logs, or (c) the browser history.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T16:30:49.980Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/121861/Imperva-SecureSphere-Operations-Manager-Command-Execution.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.digitalsec.net/stuff/explt+advs/Imperva-SecureSphere.OptMgr.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 allows context-dependent attackers to obtain sensitive information by leveraging the presence of (1) a session ID in the jsessionid field to secsphLogin.jsp or (2) credentials in the j_password parameter to j_acegi_security_check, and reading (a) web-server access logs, (b) web-server Referer logs, or (c) the browser history."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2013-06-28T23:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/121861/Imperva-SecureSphere-Operations-Manager-Command-Execution.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.digitalsec.net/stuff/explt+advs/Imperva-SecureSphere.OptMgr.txt"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2013-4092",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 allows context-dependent attackers to obtain sensitive information by leveraging the presence of (1) a session ID in the jsessionid field to secsphLogin.jsp or (2) credentials in the j_password parameter to j_acegi_security_check, and reading (a) web-server access logs, (b) web-server Referer logs, or (c) the browser history."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://packetstormsecurity.com/files/121861/Imperva-SecureSphere-Operations-Manager-Command-Execution.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/121861/Imperva-SecureSphere-Operations-Manager-Command-Execution.html"
                },
                {
                  "name": "http://www.digitalsec.net/stuff/explt+advs/Imperva-SecureSphere.OptMgr.txt",
                  "refsource": "MISC",
                  "url": "http://www.digitalsec.net/stuff/explt+advs/Imperva-SecureSphere.OptMgr.txt"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2013-4092",
        "datePublished": "2013-06-28T23:00:00.000Z",
        "dateReserved": "2013-06-11T00:00:00.000Z",
        "dateUpdated": "2024-09-17T01:41:45.342Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-4091 (GCVE-0-2013-4091)

    Vulnerability from nvd – Published: 2013-06-28 23:00 – Updated: 2024-09-17 04:25
    VLAI
    Summary
    The SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 does not have an off autocomplete attribute for the password (aka j_password) field on the secsphLogin.jsp login page, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T16:30:49.973Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/121861/Imperva-SecureSphere-Operations-Manager-Command-Execution.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.digitalsec.net/stuff/explt+advs/Imperva-SecureSphere.OptMgr.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 does not have an off autocomplete attribute for the password (aka j_password) field on the secsphLogin.jsp login page, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2013-06-28T23:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/121861/Imperva-SecureSphere-Operations-Manager-Command-Execution.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.digitalsec.net/stuff/explt+advs/Imperva-SecureSphere.OptMgr.txt"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2013-4091",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 does not have an off autocomplete attribute for the password (aka j_password) field on the secsphLogin.jsp login page, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://packetstormsecurity.com/files/121861/Imperva-SecureSphere-Operations-Manager-Command-Execution.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/121861/Imperva-SecureSphere-Operations-Manager-Command-Execution.html"
                },
                {
                  "name": "http://www.digitalsec.net/stuff/explt+advs/Imperva-SecureSphere.OptMgr.txt",
                  "refsource": "MISC",
                  "url": "http://www.digitalsec.net/stuff/explt+advs/Imperva-SecureSphere.OptMgr.txt"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2013-4091",
        "datePublished": "2013-06-28T23:00:00.000Z",
        "dateReserved": "2013-06-11T00:00:00.000Z",
        "dateUpdated": "2024-09-17T04:25:49.140Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-45468 (GCVE-0-2021-45468)

    Vulnerability from cvelistv5 – Published: 2022-01-14 17:58 – Updated: 2024-08-04 04:39
    VLAI
    Summary
    Imperva Web Application Firewall (WAF) before 2021-12-23 allows remote unauthenticated attackers to use "Content-Encoding: gzip" to evade WAF security controls and send malicious HTTP POST requests to web servers behind the WAF.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T04:39:21.099Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://bishopfox.com/blog/imperva-eliminates-critical-exposure"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Imperva Web Application Firewall (WAF) before 2021-12-23 allows remote unauthenticated attackers to use \"Content-Encoding: gzip\" to evade WAF security controls and send malicious HTTP POST requests to web servers behind the WAF."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-01-14T22:24:16.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://bishopfox.com/blog/imperva-eliminates-critical-exposure"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2021-45468",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Imperva Web Application Firewall (WAF) before 2021-12-23 allows remote unauthenticated attackers to use \"Content-Encoding: gzip\" to evade WAF security controls and send malicious HTTP POST requests to web servers behind the WAF."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://bishopfox.com/blog/imperva-eliminates-critical-exposure",
                  "refsource": "MISC",
                  "url": "https://bishopfox.com/blog/imperva-eliminates-critical-exposure"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-45468",
        "datePublished": "2022-01-14T17:58:09.000Z",
        "dateReserved": "2021-12-23T00:00:00.000Z",
        "dateUpdated": "2024-08-04T04:39:21.099Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-5266 (GCVE-0-2011-5266)

    Vulnerability from cvelistv5 – Published: 2020-01-08 22:43 – Updated: 2024-08-07 00:30
    VLAI
    Summary
    Imperva SecureSphere Web Application Firewall (WAF) before 12-august-2010 allows SQL injection filter bypass.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2011-06-05 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T00:30:46.932Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2011/May/163"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-06-05T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Imperva SecureSphere Web Application Firewall (WAF) before 12-august-2010 allows SQL injection filter bypass."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-01-08T22:43:52.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2011/May/163"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2011-5266",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Imperva SecureSphere Web Application Firewall (WAF) before 12-august-2010 allows SQL injection filter bypass."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://seclists.org/fulldisclosure/2011/May/163",
                  "refsource": "MISC",
                  "url": "http://seclists.org/fulldisclosure/2011/May/163"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2011-5266",
        "datePublished": "2020-01-08T22:43:52.000Z",
        "dateReserved": "2013-07-12T00:00:00.000Z",
        "dateUpdated": "2024-08-07T00:30:46.932Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-16660 (GCVE-0-2018-16660)

    Vulnerability from cvelistv5 – Published: 2019-04-25 19:40 – Updated: 2024-08-05 10:32
    VLAI
    Summary
    A command injection vulnerability in PWS in Imperva SecureSphere 13.0.0.10 and 13.1.0.10 Gateway allows an attacker with authenticated access to execute arbitrary OS commands on a vulnerable installation.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T10:32:53.521Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.imperva.com/products/securesphere/web-application-firewall/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/45542/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A command injection vulnerability in PWS in Imperva SecureSphere 13.0.0.10 and 13.1.0.10 Gateway allows an attacker with authenticated access to execute arbitrary OS commands on a vulnerable installation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-04-25T19:40:40.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.imperva.com/products/securesphere/web-application-firewall/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.exploit-db.com/exploits/45542/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2018-16660",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A command injection vulnerability in PWS in Imperva SecureSphere 13.0.0.10 and 13.1.0.10 Gateway allows an attacker with authenticated access to execute arbitrary OS commands on a vulnerable installation."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.imperva.com/products/securesphere/web-application-firewall/",
                  "refsource": "MISC",
                  "url": "https://www.imperva.com/products/securesphere/web-application-firewall/"
                },
                {
                  "name": "https://www.exploit-db.com/exploits/45542/",
                  "refsource": "MISC",
                  "url": "https://www.exploit-db.com/exploits/45542/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2018-16660",
        "datePublished": "2019-04-25T19:40:40.000Z",
        "dateReserved": "2018-09-07T00:00:00.000Z",
        "dateUpdated": "2024-08-05T10:32:53.521Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-5413 (GCVE-0-2018-5413)

    Vulnerability from cvelistv5 – Published: 2019-01-10 22:00 – Updated: 2024-08-05 05:33
    VLAI
    Summary
    Imperva SecureSphere running v13.0, v12.0, or v11.5 allows low privileged users to add SSH login keys to the admin user, resulting in privilege escalation.
    Severity
    No CVSS data available.
    CWE
    Assigner
    References
    URL Tags
    https://www.exploit-db.com/exploits/45130 exploitx_refsource_EXPLOIT-DB
    Impacted products
    Vendor Product Version
    Imperva SecureSphere Affected: unspecified , ≤ 13.0 (custom)
    Create a notification for this product.
    Date Public
    2019-01-10 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T05:33:44.378Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "45130",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/45130"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "SecureSphere",
              "vendor": "Imperva",
              "versions": [
                {
                  "lessThanOrEqual": "13.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2019-01-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Imperva SecureSphere running v13.0, v12.0, or v11.5 allows low privileged users to add SSH login keys to the admin user, resulting in privilege escalation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-250",
                  "description": "CWE-250",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-01-10T21:57:01.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "name": "45130",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/45130"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2018-5413",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "SecureSphere",
                          "version": {
                            "version_data": [
                              {
                                "affected": "\u003c=",
                                "version_affected": "\u003c=",
                                "version_value": "13.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Imperva"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Imperva SecureSphere running v13.0, v12.0, or v11.5 allows low privileged users to add SSH login keys to the admin user, resulting in privilege escalation."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-250"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "45130",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/45130"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2018-5413",
        "datePublished": "2019-01-10T22:00:00.000Z",
        "dateReserved": "2018-01-12T00:00:00.000Z",
        "dateUpdated": "2024-08-05T05:33:44.378Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-5403 (GCVE-0-2018-5403)

    Vulnerability from cvelistv5 – Published: 2019-01-10 22:00 – Updated: 2024-08-05 05:33
    VLAI
    Summary
    Imperva SecureSphere gateway (GW) running v13, for both pre-First Time Login or post-First Time Login (FTL), if the attacker knows the basic authentication passwords, the GW may be vulnerable to RCE through specially crafted requests, from the web access management interface.
    Severity
    No CVSS data available.
    CWE
    Assigner
    References
    URL Tags
    https://www.exploit-db.com/exploits/45542 exploitx_refsource_EXPLOIT-DB
    Impacted products
    Vendor Product Version
    Imperva SecureSphere Affected: 13.0
    Create a notification for this product.
    Date Public
    2019-01-10 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T05:33:44.444Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "45542",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/45542"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "SecureSphere",
              "vendor": "Imperva",
              "versions": [
                {
                  "status": "affected",
                  "version": "13.0"
                }
              ]
            }
          ],
          "datePublic": "2019-01-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Imperva SecureSphere gateway (GW) running v13, for both pre-First Time Login or post-First Time Login (FTL), if the attacker knows the basic authentication passwords, the GW may be vulnerable to RCE through specially crafted requests, from the web access management interface."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-77",
                  "description": "CWE-77",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-01-10T21:57:01.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "name": "45542",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/45542"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2018-5403",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "SecureSphere",
                          "version": {
                            "version_data": [
                              {
                                "affected": "=",
                                "version_affected": "=",
                                "version_value": "13.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Imperva"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Imperva SecureSphere gateway (GW) running v13, for both pre-First Time Login or post-First Time Login (FTL), if the attacker knows the basic authentication passwords, the GW may be vulnerable to RCE through specially crafted requests, from the web access management interface."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-77"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "45542",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/45542"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2018-5403",
        "datePublished": "2019-01-10T22:00:00.000Z",
        "dateReserved": "2018-01-12T00:00:00.000Z",
        "dateUpdated": "2024-08-05T05:33:44.444Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-5412 (GCVE-0-2018-5412)

    Vulnerability from cvelistv5 – Published: 2019-01-10 22:00 – Updated: 2024-08-05 05:33
    VLAI
    Summary
    Imperva SecureSphere running v12.0.0.50 is vulnerable to local arbitrary code execution, escaping sealed-mode.
    Severity
    No CVSS data available.
    CWE
    Assigner
    References
    URL Tags
    https://www.exploit-db.com/exploits/45132 exploitx_refsource_EXPLOIT-DB
    Impacted products
    Vendor Product Version
    Imperva SecureSphere Affected: 12.0.0.50
    Create a notification for this product.
    Date Public
    2019-01-10 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T05:33:44.408Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "45132",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/45132"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "SecureSphere",
              "vendor": "Imperva",
              "versions": [
                {
                  "status": "affected",
                  "version": "12.0.0.50"
                }
              ]
            }
          ],
          "datePublic": "2019-01-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Imperva SecureSphere running v12.0.0.50 is vulnerable to local arbitrary code execution, escaping sealed-mode."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-77",
                  "description": "CWE-77",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-01-10T21:57:01.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "name": "45132",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/45132"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2018-5412",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "SecureSphere",
                          "version": {
                            "version_data": [
                              {
                                "affected": "=",
                                "version_affected": "=",
                                "version_value": "12.0.0.50"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Imperva"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Imperva SecureSphere running v12.0.0.50 is vulnerable to local arbitrary code execution, escaping sealed-mode."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-77"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "45132",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/45132"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2018-5412",
        "datePublished": "2019-01-10T22:00:00.000Z",
        "dateReserved": "2018-01-12T00:00:00.000Z",
        "dateUpdated": "2024-08-05T05:33:44.408Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-19646 (GCVE-0-2018-19646)

    Vulnerability from cvelistv5 – Published: 2018-11-28 17:00 – Updated: 2024-09-17 02:42
    VLAI
    Summary
    The Python CGI scripts in PWS in Imperva SecureSphere 13.0.10, 13.1.10, and 13.2.10 allow remote attackers to execute arbitrary OS commands because command-line arguments are mishandled.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://www.exploit-db.com/exploits/45542 exploitx_refsource_EXPLOIT-DB
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T11:44:19.576Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "45542",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/45542"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Python CGI scripts in PWS in Imperva SecureSphere 13.0.10, 13.1.10, and 13.2.10 allow remote attackers to execute arbitrary OS commands because command-line arguments are mishandled."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-11-28T17:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "45542",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/45542"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2018-19646",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Python CGI scripts in PWS in Imperva SecureSphere 13.0.10, 13.1.10, and 13.2.10 allow remote attackers to execute arbitrary OS commands because command-line arguments are mishandled."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "45542",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/45542"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2018-19646",
        "datePublished": "2018-11-28T17:00:00.000Z",
        "dateReserved": "2018-11-28T00:00:00.000Z",
        "dateUpdated": "2024-09-17T02:42:18.949Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-4887 (GCVE-0-2011-4887)

    Vulnerability from cvelistv5 – Published: 2014-09-11 14:00 – Updated: 2024-08-07 00:16
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in the Violations Table in the management GUI in the MX Management Server in Imperva SecureSphere Web Application Firewall (WAF) 9.0 allows remote attackers to inject arbitrary web script or HTML via the username field.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.secureworks.com/cyber-threat-intellige… x_refsource_MISC
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/bid/52064 vdb-entryx_refsource_BID
    http://www.imperva.com/Services/adc_advisories_re… x_refsource_CONFIRM
    http://osvdb.org/79338 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/48086 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2012-02-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T00:16:35.130Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.secureworks.com/cyber-threat-intelligence/advisories/SWRX-2012-002/"
              },
              {
                "name": "securesphere-unspec-xss(73264)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73264"
              },
              {
                "name": "52064",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/52064"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.imperva.com/Services/adc_advisories_response_secureworks_CVE_2011_4887"
              },
              {
                "name": "79338",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/79338"
              },
              {
                "name": "48086",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/48086"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2012-02-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in the Violations Table in the management GUI in the MX Management Server in Imperva SecureSphere Web Application Firewall (WAF) 9.0 allows remote attackers to inject arbitrary web script or HTML via the username field."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.secureworks.com/cyber-threat-intelligence/advisories/SWRX-2012-002/"
            },
            {
              "name": "securesphere-unspec-xss(73264)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73264"
            },
            {
              "name": "52064",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/52064"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.imperva.com/Services/adc_advisories_response_secureworks_CVE_2011_4887"
            },
            {
              "name": "79338",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/79338"
            },
            {
              "name": "48086",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/48086"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2011-4887",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in the Violations Table in the management GUI in the MX Management Server in Imperva SecureSphere Web Application Firewall (WAF) 9.0 allows remote attackers to inject arbitrary web script or HTML via the username field."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.secureworks.com/cyber-threat-intelligence/advisories/SWRX-2012-002/",
                  "refsource": "MISC",
                  "url": "http://www.secureworks.com/cyber-threat-intelligence/advisories/SWRX-2012-002/"
                },
                {
                  "name": "securesphere-unspec-xss(73264)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73264"
                },
                {
                  "name": "52064",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/52064"
                },
                {
                  "name": "http://www.imperva.com/Services/adc_advisories_response_secureworks_CVE_2011_4887",
                  "refsource": "CONFIRM",
                  "url": "http://www.imperva.com/Services/adc_advisories_response_secureworks_CVE_2011_4887"
                },
                {
                  "name": "79338",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/79338"
                },
                {
                  "name": "48086",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/48086"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2011-4887",
        "datePublished": "2014-09-11T14:00:00.000Z",
        "dateReserved": "2011-12-21T00:00:00.000Z",
        "dateUpdated": "2024-08-07T00:16:35.130Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-4094 (GCVE-0-2013-4094)

    Vulnerability from cvelistv5 – Published: 2013-06-28 23:00 – Updated: 2024-09-17 02:06
    VLAI
    Summary
    The Key Management feature in the SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 allows remote authenticated users to upload executable files via the (1) private_key or (2) public_key parameter in a T/keyManagement request to plain/settings.html, as demonstrated by uploading a Linux ELF file and a shell script.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T16:30:49.919Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/121861/Imperva-SecureSphere-Operations-Manager-Command-Execution.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.digitalsec.net/stuff/explt+advs/Imperva-SecureSphere.OptMgr.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Key Management feature in the SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 allows remote authenticated users to upload executable files via the (1) private_key or (2) public_key parameter in a T/keyManagement request to plain/settings.html, as demonstrated by uploading a Linux ELF file and a shell script."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2013-06-28T23:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/121861/Imperva-SecureSphere-Operations-Manager-Command-Execution.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.digitalsec.net/stuff/explt+advs/Imperva-SecureSphere.OptMgr.txt"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2013-4094",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Key Management feature in the SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 allows remote authenticated users to upload executable files via the (1) private_key or (2) public_key parameter in a T/keyManagement request to plain/settings.html, as demonstrated by uploading a Linux ELF file and a shell script."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://packetstormsecurity.com/files/121861/Imperva-SecureSphere-Operations-Manager-Command-Execution.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/121861/Imperva-SecureSphere-Operations-Manager-Command-Execution.html"
                },
                {
                  "name": "http://www.digitalsec.net/stuff/explt+advs/Imperva-SecureSphere.OptMgr.txt",
                  "refsource": "MISC",
                  "url": "http://www.digitalsec.net/stuff/explt+advs/Imperva-SecureSphere.OptMgr.txt"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2013-4094",
        "datePublished": "2013-06-28T23:00:00.000Z",
        "dateReserved": "2013-06-11T00:00:00.000Z",
        "dateUpdated": "2024-09-17T02:06:13.851Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-4095 (GCVE-0-2013-4095)

    Vulnerability from cvelistv5 – Published: 2013-06-28 23:00 – Updated: 2024-09-16 22:55
    VLAI
    Summary
    plain/actionsets.html in the SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 allows remote authenticated users to execute arbitrary commands via a task with a [command].value field in conjunction with an [arguments].value field.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T16:30:50.000Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/121861/Imperva-SecureSphere-Operations-Manager-Command-Execution.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.digitalsec.net/stuff/explt+advs/Imperva-SecureSphere.OptMgr.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "plain/actionsets.html in the SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 allows remote authenticated users to execute arbitrary commands via a task with a [command].value field in conjunction with an [arguments].value field."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2013-06-28T23:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/121861/Imperva-SecureSphere-Operations-Manager-Command-Execution.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.digitalsec.net/stuff/explt+advs/Imperva-SecureSphere.OptMgr.txt"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2013-4095",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "plain/actionsets.html in the SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 allows remote authenticated users to execute arbitrary commands via a task with a [command].value field in conjunction with an [arguments].value field."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://packetstormsecurity.com/files/121861/Imperva-SecureSphere-Operations-Manager-Command-Execution.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/121861/Imperva-SecureSphere-Operations-Manager-Command-Execution.html"
                },
                {
                  "name": "http://www.digitalsec.net/stuff/explt+advs/Imperva-SecureSphere.OptMgr.txt",
                  "refsource": "MISC",
                  "url": "http://www.digitalsec.net/stuff/explt+advs/Imperva-SecureSphere.OptMgr.txt"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2013-4095",
        "datePublished": "2013-06-28T23:00:00.000Z",
        "dateReserved": "2013-06-11T00:00:00.000Z",
        "dateUpdated": "2024-09-16T22:55:28.439Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-4092 (GCVE-0-2013-4092)

    Vulnerability from cvelistv5 – Published: 2013-06-28 23:00 – Updated: 2024-09-17 01:41
    VLAI
    Summary
    The SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 allows context-dependent attackers to obtain sensitive information by leveraging the presence of (1) a session ID in the jsessionid field to secsphLogin.jsp or (2) credentials in the j_password parameter to j_acegi_security_check, and reading (a) web-server access logs, (b) web-server Referer logs, or (c) the browser history.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T16:30:49.980Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/121861/Imperva-SecureSphere-Operations-Manager-Command-Execution.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.digitalsec.net/stuff/explt+advs/Imperva-SecureSphere.OptMgr.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 allows context-dependent attackers to obtain sensitive information by leveraging the presence of (1) a session ID in the jsessionid field to secsphLogin.jsp or (2) credentials in the j_password parameter to j_acegi_security_check, and reading (a) web-server access logs, (b) web-server Referer logs, or (c) the browser history."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2013-06-28T23:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/121861/Imperva-SecureSphere-Operations-Manager-Command-Execution.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.digitalsec.net/stuff/explt+advs/Imperva-SecureSphere.OptMgr.txt"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2013-4092",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 allows context-dependent attackers to obtain sensitive information by leveraging the presence of (1) a session ID in the jsessionid field to secsphLogin.jsp or (2) credentials in the j_password parameter to j_acegi_security_check, and reading (a) web-server access logs, (b) web-server Referer logs, or (c) the browser history."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://packetstormsecurity.com/files/121861/Imperva-SecureSphere-Operations-Manager-Command-Execution.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/121861/Imperva-SecureSphere-Operations-Manager-Command-Execution.html"
                },
                {
                  "name": "http://www.digitalsec.net/stuff/explt+advs/Imperva-SecureSphere.OptMgr.txt",
                  "refsource": "MISC",
                  "url": "http://www.digitalsec.net/stuff/explt+advs/Imperva-SecureSphere.OptMgr.txt"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2013-4092",
        "datePublished": "2013-06-28T23:00:00.000Z",
        "dateReserved": "2013-06-11T00:00:00.000Z",
        "dateUpdated": "2024-09-17T01:41:45.342Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-4091 (GCVE-0-2013-4091)

    Vulnerability from cvelistv5 – Published: 2013-06-28 23:00 – Updated: 2024-09-17 04:25
    VLAI
    Summary
    The SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 does not have an off autocomplete attribute for the password (aka j_password) field on the secsphLogin.jsp login page, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T16:30:49.973Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/121861/Imperva-SecureSphere-Operations-Manager-Command-Execution.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.digitalsec.net/stuff/explt+advs/Imperva-SecureSphere.OptMgr.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 does not have an off autocomplete attribute for the password (aka j_password) field on the secsphLogin.jsp login page, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2013-06-28T23:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/121861/Imperva-SecureSphere-Operations-Manager-Command-Execution.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.digitalsec.net/stuff/explt+advs/Imperva-SecureSphere.OptMgr.txt"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2013-4091",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 does not have an off autocomplete attribute for the password (aka j_password) field on the secsphLogin.jsp login page, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://packetstormsecurity.com/files/121861/Imperva-SecureSphere-Operations-Manager-Command-Execution.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/121861/Imperva-SecureSphere-Operations-Manager-Command-Execution.html"
                },
                {
                  "name": "http://www.digitalsec.net/stuff/explt+advs/Imperva-SecureSphere.OptMgr.txt",
                  "refsource": "MISC",
                  "url": "http://www.digitalsec.net/stuff/explt+advs/Imperva-SecureSphere.OptMgr.txt"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2013-4091",
        "datePublished": "2013-06-28T23:00:00.000Z",
        "dateReserved": "2013-06-11T00:00:00.000Z",
        "dateUpdated": "2024-09-17T04:25:49.140Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }