Securesphere@13.1.10 Security Vulnerabilities and Issues — Securesphere@13.1.10 CVE List

Lucene search

ImpervaSecuresphere13.1.10

3 matches found

CVE•added 2019/04/25 8:29 p.m.•32 views

CVE-2018-16660

A command injection vulnerability in PWS in Imperva SecureSphere 13.0.0.10 and 13.1.0.10 Gateway allows an attacker with authenticated access to execute arbitrary OS commands on a vulnerable installation.

9CVSS8.9AI score0.04735EPSS

CVE•added 2018/11/28 6:29 p.m.•32 views

CVE-2018-19646

The Python CGI scripts in PWS in Imperva SecureSphere 13.0.10, 13.1.10, and 13.2.10 allow remote attackers to execute arbitrary OS commands because command-line arguments are mishandled.

10CVSS9.7AI score0.02614EPSS

CVE•added 2019/01/10 10:29 p.m.•31 views

CVE-2018-5403

Imperva SecureSphere gateway (GW) running v13, for both pre-First Time Login or post-First Time Login (FTL), if the attacker knows the basic authentication passwords, the GW may be vulnerable to RCE through specially crafted requests, from the web access management interface.

8.1CVSS8.1AI score0.0467EPSS