Vulnerability CVE-2010-1329
Published: 2010-04-15   Modified: 2012-02-13

Description:
Imperva SecureSphere Web Application Firewall and Database Firewall 5.0.0.5082 through 7.0.0.7078 allow remote attackers to bypass intrusion-prevention functionality via a request that has an appended long string containing an unspecified manipulation.

See advisories in our WLB2 database:
Topic
Author
Date
High
Imperva SecureSphere Web Application Firewall and Database Firewall Bypass
Clear Skies Secu...
18.04.2010

Type:

CWE-noinfo

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:C/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.8/10
6.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
Complete
None
Affected software
Imperva -> Securesphere database firewall 
Imperva -> Securesphere web application firewall 

 References:
http://www.clearskies.net/documents/css-advisory-css1001-imperva.php
http://www.imperva.com/resources/adc/adc_advisories_response_clearskies.html
http://www.securityfocus.com/archive/1/510709/100/0/threaded
http://www.securityfocus.com/bid/39472
Copyright 2024, cxsecurity.com

 

Back to Top