What the vulnerability does

01Description

Imperva SecureSphere gateway (GW) running v13, for both pre-First Time Login or post-First Time Login (FTL), if the attacker knows the basic authentication passwords, the GW may be vulnerable to RCE through specially crafted requests, from the web access management interface.

Key dates

02Disclosure timeline

January 10, 2019 CVE published
August 5, 2024 Record updated