Lucene search

[email protected]CVE-2011-4887

HistorySep 11, 2014 - 2:16 p.m.

CVE-2011-4887

2014-09-1114:16:02

CWE-79

[email protected]

web.nvd.nist.gov

imperva

securesphere

waf

9.0

xss

vulnerability

nvd

cve-2011-4887

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.9 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

66.0%

JSON

Cross-site scripting (XSS) vulnerability in the Violations Table in the management GUI in the MX Management Server in Imperva SecureSphere Web Application Firewall (WAF) 9.0 allows remote attackers to inject arbitrary web script or HTML via the username field.

Affected configurations

NVD

Node

impervasecuresphere_web_application_firewallMatch9.0

CPENameOperatorVersion
imperva:securesphere_web_application_firewallimperva securesphere web application firewalleq9.0

CPE	Name	Operator	Version
imperva:securesphere_web_application_firewall	imperva securesphere web application firewall	eq	9.0

References

osvdb.org/79338

secunia.com/advisories/48086

www.imperva.com/Services/adc_advisories_response_secureworks_CVE_2011_4887

www.secureworks.com/cyber-threat-intelligence/advisories/SWRX-2012-002/

www.securityfocus.com/bid/52064

exchange.xforce.ibmcloud.com/vulnerabilities/73264

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.9 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

66.0%

JSON

Related for CVE-2011-4887

prion1 cvelist1 nvd1