5 matches found
CVE-2013-4094
The Key Management feature in the SecureSphere Operations Manager SOM Management Server in Imperva SecureSphere 9.0.0.5 allows remote authenticated users to upload executable files via the 1 privatekey or 2 publickey parameter in a T/keyManagement request to plain/settings.html, as demonstrated b...
CVE-2013-4093
The SecureSphere Operations Manager SOM Management Server in Imperva SecureSphere 9.0.0.5 allows remote attackers to obtain sensitive information via 1 a direct request to dwr/call/plaincall/AsyncOperationsContainer.getOperationState.dwr, which reveals the installation path in the s0.filePath...
CVE-2013-4095
Imperva SecureSphere SOM Management Server (v9.0.0.5) is affected by CVE-2013-4095. Remote authenticated users can execute arbitrary commands via a task payload using a [command].value field together with an [arguments].value field. The description is consistent across multiple sources (NVD/Red H...
CVE-2013-4093
CVE-2013-4093 affects Imperva SecureSphere SOM 9.0.0.5 (Management Server). The vulnerability allows remote attackers to leak sensitive information through two paths: (1) direct access to dwr/call/plaincall/AsyncOperationsContainer.getOperationState.dwr reveals the installation path in s0.filePat...
CVE-2013-4092
The CVE-2013-4092 entry concerns Imperva SecureSphere SOM (Management Server) version 9.0.0.5. The issue enables context‑dependent attackers to obtain sensitive information by exploiting (1) a session ID in the jsessionid field to access secsphLogin.jsp or (2) credentials in the j_password parame...