Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Imperva SecureSphere gateway (GW) running v13, for both pre-First Time Login or post-First Time Login (FTL), if the attacker knows the basic authentication passwords, the GW may be vulnerable to RCE through specially crafted requests, from the web access management interface.
CVSS Information
N/A
Vulnerability Type
在命令中使用的特殊元素转义处理不恰当(命令注入)
Vulnerability Title
Imperva SecureSphere PWS组件授权问题漏洞
Vulnerability Description
Imperva SecureSphere是美国Imperva公司的一套高性能、集中式数据安全防护管理产品。该产品提供对不同的SecureSphere产品进行统一审核、报告和记录、可视化的安全状态和实时监控事件、管理和分配策略等功能。PWS是其中的一个用于通过HTTPS公开各种CLI实用程序的组件。 Imperva SecureSphere 13版本中的PWS组件存在安全漏洞。远程攻击者可通过发送特制的请求利用该漏洞执行代码。
CVSS Information
N/A
Vulnerability Type
N/A