CVE-2021-45468

Imperva Web Application Firewall (WAF) before 2021-12-23 allows remote unauthenticated attackers to use "Content-Encoding: gzip" to evade WAF security controls and send malicious HTTP POST requests to web servers behind the WAF.
CVSS

No CVSS.

Configurations

No configuration.

History

14 Jan 2022, 23:15

Type Values Removed Values Added
Summary Imperva Web Application Firewall (WAF) before 2021-12-31 allows remote unauthenticated attackers to use "Content-Encoding: gzip" to evade WAF security controls and send malicious HTTP POST requests to web servers behind the WAF. Imperva Web Application Firewall (WAF) before 2021-12-23 allows remote unauthenticated attackers to use "Content-Encoding: gzip" to evade WAF security controls and send malicious HTTP POST requests to web servers behind the WAF.

14 Jan 2022, 18:24

Type Values Removed Values Added
New CVE

Information

Published : 2022-01-14 18:15

Updated : 2022-01-14 23:15


NVD link : CVE-2021-45468

Mitre link : CVE-2021-45468


JSON object : View

Products Affected

No product.

CWE

No CWE.