CVE-2018-5403

2019-01-1022:00:00

CWE-77

certcc

www.cve.org

AI Score

8.2

Confidence

High

EPSS

0.464

Percentile

97.5%

JSON

Imperva SecureSphere gateway (GW) running v13, for both pre-First Time Login or post-First Time Login (FTL), if the attacker knows the basic authentication passwords, the GW may be vulnerable to RCE through specially crafted requests, from the web access management interface.

CNA Affected

[
  {
    "product": "SecureSphere",
    "vendor": "Imperva",
    "versions": [
      {
        "status": "affected",
        "version": "13.0"
      }
    ]
  }
]

References

www.exploit-db.com/exploits/45542