CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2013-4094 – Imperva SecureSphere Operations Manager 9.0.0.5 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2013-4094
The Key Management feature in the SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 allows remote authenticated users to upload executable files via the (1) private_key or (2) public_key parameter in a T/keyManagement request to plain/settings.html, as demonstrated by uploading a Linux ELF file and a shell script. La funcionalidad Key Management en SecureSphere Operations Manager (SOM) Management Server en Imperva SecureSphere v9.0.0.5 permite a usuarios autenticados remotamente cargar archivos ejecutables a través de (1) private_key o (2) el parámetro public_key en una solicitud de T/keyManagement a plain/settings.html, como se ha demostrado mediante la subida de un archivo ELF Linux y una secuencia de comandos de shell. • https://www.exploit-db.com/exploits/25977 http://packetstormsecurity.com/files/121861/Imperva-SecureSphere-Operations-Manager-Command-Execution.html http://www.digitalsec.net/stuff/explt+advs/Imperva-SecureSphere.OptMgr.txt • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2013-4091 – Imperva SecureSphere Operations Manager 9.0.0.5 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2013-4091
The SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 does not have an off autocomplete attribute for the password (aka j_password) field on the secsphLogin.jsp login page, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation. SecureSphere Operations Manager (SOM) Management Server en Imperva SecureSphere v9.0.0.5 no tiene un atributo de autocompletar para el campo de la contraseña (aka j_password)en la página de inicio de sesión secsphLogin.jsp, lo que hace que sea más fácil para los atacantes remotos obtener acceso mediante el aprovechamiento una estación de trabajo sin supervisión. • https://www.exploit-db.com/exploits/25977 http://packetstormsecurity.com/files/121861/Imperva-SecureSphere-Operations-Manager-Command-Execution.html http://www.digitalsec.net/stuff/explt+advs/Imperva-SecureSphere.OptMgr.txt • CWE-255: Credentials Management Errors •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 1CVE-2013-4092 – Imperva SecureSphere Operations Manager 9.0.0.5 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2013-4092
The SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 allows context-dependent attackers to obtain sensitive information by leveraging the presence of (1) a session ID in the jsessionid field to secsphLogin.jsp or (2) credentials in the j_password parameter to j_acegi_security_check, and reading (a) web-server access logs, (b) web-server Referer logs, or (c) the browser history. SecureSphere Operations Manager (SOM) Management Server en Imperva SecureSphere v9.0.0.5, permite a atacantes locales o remotos obtener información sensible mediante el aprovechamiento de la presencia de (1) un identificador de sesión en el campo de jsessionid (2) credenciales en el parámetro j_password a j_acegi_security_check secsphLogin.jsp o, y mediante la lectura de (a) los registros de acceso del servidor web, (b) la registros de Referer, o (c) el historial del navegador. • https://www.exploit-db.com/exploits/25977 http://packetstormsecurity.com/files/121861/Imperva-SecureSphere-Operations-Manager-Command-Execution.html http://www.digitalsec.net/stuff/explt+advs/Imperva-SecureSphere.OptMgr.txt • CWE-255: Credentials Management Errors •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 1CVE-2013-4093 – Imperva SecureSphere Operations Manager 9.0.0.5 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2013-4093
The SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 allows remote attackers to obtain sensitive information via (1) a direct request to dwr/call/plaincall/AsyncOperationsContainer.getOperationState.dwr, which reveals the installation path in the s0.filePath field, or (2) a T/keyManagement request to plain/settings.html, which reveals a temporary path in an error message. SecureSphere Operations Manager (SOM) Management Server en Imperva SecureSphere v9.0.0.5, permite a atacantes remotos obtener información sensible a través de (1) una solicitud directa a dwr/call/plaincall/AsyncOperationsContainer.getOperationState.dwr, lo que revela la ruta de instalación en el campo s0.filePath, o (2) una petición T/keyManagement a plain/settings.html, lo que revela una ruta temporal en un mensaje de error. • https://www.exploit-db.com/exploits/25977 http://packetstormsecurity.com/files/121861/Imperva-SecureSphere-Operations-Manager-Command-Execution.html http://www.digitalsec.net/stuff/explt+advs/Imperva-SecureSphere.OptMgr.txt • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2013-4095 – Imperva SecureSphere Operations Manager 9.0.0.5 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2013-4095
plain/actionsets.html in the SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 allows remote authenticated users to execute arbitrary commands via a task with a [command].value field in conjunction with an [arguments].value field. plain/actionsets.html en el SecureSphere Operations Manager (SOM) Management Server en Imperva SecureSphere v9.0.0.5 permite a usuarios autenticados remotamente ejecutar comandos a través de una tarea con un campo [command].value en conjunción con un campo [arguments].value[arguments].value • https://www.exploit-db.com/exploits/25977 http://packetstormsecurity.com/files/121861/Imperva-SecureSphere-Operations-Manager-Command-Execution.html http://www.digitalsec.net/stuff/explt+advs/Imperva-SecureSphere.OptMgr.txt • CWE-20: Improper Input Validation •