CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 1CVE-2018-5413
https://notcve.org/view.php?id=CVE-2018-5413
Imperva SecureSphere running v13.0, v12.0, or v11.5 allows low privileged users to add SSH login keys to the admin user, resulting in privilege escalation. Imperva SecureSphere v13.0, v12.0 o v11.5 permite que usuarios con pocos privilegios añadan claves de inicio de sesión SSH al usuario administrador, lo que resulta en un escalado de privilegios. • https://www.exploit-db.com/exploits/45130 • CWE-250: Execution with Unnecessary Privileges CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-5412
https://notcve.org/view.php?id=CVE-2018-5412
Imperva SecureSphere running v12.0.0.50 is vulnerable to local arbitrary code execution, escaping sealed-mode. Imperva SecureSphere v12.0.0.50 es vulnerable a la ejecución de código arbitrario local, escapando del modo sealed. • https://www.exploit-db.com/exploits/45132 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •