Lucene search

MitreCVE-2011-4887

HistorySep 11, 2014 - 2:16 p.m.

CVE-2011-4887

2014-09-1114:16:02

CWE-79

mitre

web.nvd.nist.gov

imperva

securesphere

waf

9.0

xss

vulnerability

nvd

cve-2011-4887

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.9

Confidence

High

EPSS

0.003

Percentile

65.9%

JSON

Cross-site scripting (XSS) vulnerability in the Violations Table in the management GUI in the MX Management Server in Imperva SecureSphere Web Application Firewall (WAF) 9.0 allows remote attackers to inject arbitrary web script or HTML via the username field.

Affected configurations

Nvd

Node

impervasecuresphere_web_application_firewallMatch9.0

VendorProductVersionCPE
impervasecuresphere_web_application_firewall9.0cpe:2.3:a:imperva:securesphere_web_application_firewall:9.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
imperva	securesphere_web_application_firewall	9.0	cpe:2.3:a:imperva:securesphere_web_application_firewall:9.0:::::::*

References

osvdb.org/79338

secunia.com/advisories/48086

www.imperva.com/Services/adc_advisories_response_secureworks_CVE_2011_4887

www.secureworks.com/cyber-threat-intelligence/advisories/SWRX-2012-002/

www.securityfocus.com/bid/52064

exchange.xforce.ibmcloud.com/vulnerabilities/73264

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.9

Confidence

High

EPSS

0.003

Percentile

65.9%

JSON

Related for CVE-2011-4887