CVE-2013-4094

The Key Management feature in the SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 allows remote authenticated users to upload executable files via the (1) private_key or (2) public_key parameter in a T/keyManagement request to plain/settings.html, as demonstrated by uploading a Linux ELF file and a shell script.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:imperva:securesphere:9.0.0.5:*:*:*:*:*:*:*

Information

Published : 2013-06-28 16:55

Updated : 2013-07-01 09:50


NVD link : CVE-2013-4094

Mitre link : CVE-2013-4094


JSON object : View

CWE
CWE-20

Improper Input Validation

Advertisement

dedicated server usa

Products Affected

imperva

  • securesphere