Описание
A command injection vulnerability in PWS in Imperva SecureSphere 13.0.0.10 and 13.1.0.10 Gateway allows an attacker with authenticated access to execute arbitrary OS commands on a vulnerable installation.
Ссылки
- ExploitThird Party AdvisoryVDB Entry
- ProductVendor Advisory
- ExploitThird Party AdvisoryVDB Entry
- ProductVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:imperva:securesphere:13.0.10:*:*:*:*:*:*:*
cpe:2.3:a:imperva:securesphere:13.1.10:*:*:*:*:*:*:*
cpe:2.3:a:imperva:securesphere:13.2.10:*:*:*:*:*:*:*
EPSS
Процентиль: 98%
0.65028
Средний
8.8 High
CVSS3
9 Critical
CVSS2
Дефекты
CWE-78
Связанные уязвимости
CVSS3: 8.8
github
больше 3 лет назад
A command injection vulnerability in PWS in Imperva SecureSphere 13.0.0.10 and 13.1.0.10 Gateway allows an attacker with authenticated access to execute arbitrary OS commands on a vulnerable installation.
EPSS
Процентиль: 98%
0.65028
Средний
8.8 High
CVSS3
9 Critical
CVSS2
Дефекты
CWE-78