Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:imperva:securesphere:13.0.10:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2018-16660 |
A command injection vulnerability in PWS in Imperva SecureSphere 13.0.0.10 and 13.1.0.10 Gateway allows an attacker with authenticated access to execute arbitrary OS commands on a vulnerable installation. Published: April 25, 2019; 4:29:01 PM -0400 |
V3.0: 8.8 HIGH V2.0: 9.0 HIGH |
CVE-2018-5403 |
Imperva SecureSphere gateway (GW) running v13, for both pre-First Time Login or post-First Time Login (FTL), if the attacker knows the basic authentication passwords, the GW may be vulnerable to RCE through specially crafted requests, from the web access management interface. Published: January 10, 2019; 5:29:00 PM -0500 |
V3.0: 8.1 HIGH V2.0: 6.8 MEDIUM |
CVE-2018-19646 |
The Python CGI scripts in PWS in Imperva SecureSphere 13.0.10, 13.1.10, and 13.2.10 allow remote attackers to execute arbitrary OS commands because command-line arguments are mishandled. Published: November 28, 2018; 1:29:01 PM -0500 |
V3.0: 9.8 CRITICAL V2.0: 10.0 HIGH |