Imperva : Security Vulnerabilities, CVEs, Published In 2019

CVE-2018-16660

A command injection vulnerability in PWS in Imperva SecureSphere 13.0.0.10 and 13.1.0.10 Gateway allows an attacker with authenticated access to execute arbitrary OS commands on a vulnerable installation.
Max CVSS
9.0
EPSS Score
0.36%
Published
2019-04-25
Updated
2019-04-29

CVE-2018-5413

Imperva SecureSphere running v13.0, v12.0, or v11.5 allows low privileged users to add SSH login keys to the admin user, resulting in privilege escalation.
Max CVSS
8.8
EPSS Score
0.65%
Published
2019-01-10
Updated
2019-10-09

CVE-2018-5412

Imperva SecureSphere running v12.0.0.50 is vulnerable to local arbitrary code execution, escaping sealed-mode.
Max CVSS
7.8
EPSS Score
0.06%
Published
2019-01-10
Updated
2019-10-09

CVE-2018-5403

Imperva SecureSphere gateway (GW) running v13, for both pre-First Time Login or post-First Time Login (FTL), if the attacker knows the basic authentication passwords, the GW may be vulnerable to RCE through specially crafted requests, from the web access management interface.
Max CVSS
8.1
EPSS Score
57.19%
Published
2019-01-10
Updated
2019-10-09
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close