CVE-2013-4094

The Key Management feature in the SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 allows remote authenticated users to upload executable files via the (1) private_key or (2) public_key parameter in a T/keyManagement request to plain/settings.html, as demonstrated by uploading a Linux ELF file and a shell script.
Configurations

Configuration 1 (hide)

cpe:2.3:a:imperva:securesphere:9.0.0.5:*:*:*:*:*:*:*

History

No history.

Information

Published : 2013-06-28 23:55

Updated : 2023-12-10 11:16


NVD link : CVE-2013-4094

Mitre link : CVE-2013-4094

CVE.ORG link : CVE-2013-4094


JSON object : View

Products Affected

imperva

  • securesphere
CWE
CWE-20

Improper Input Validation