CVE-2018-5403

Summary

Imperva SecureSphere gateway (GW) running v13, for both pre-First Time Login or post-First Time Login (FTL), if the attacker knows the basic authentication passwords, the GW may be vulnerable to RCE through specially crafted requests, from the web access management interface.

Affected Software

VendorProductVersion RangeStatus
ImpervaSecureSphere13.0affected

Weaknesses

  • CWE-77: CWE-77

ADP Enrichment

CVE Program Container

Additional References

References