Vulnerability Description
plain/actionsets.html in the SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 allows remote authenticated users to execute arbitrary commands via a task with a [command].value field in conjunction with an [arguments].value field.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Imperva | Securesphere | 9.0.0.5 |
Related Weaknesses (CWE)
References
- http://packetstormsecurity.com/files/121861/Imperva-SecureSphere-Operations-Mana
- http://www.digitalsec.net/stuff/explt+advs/Imperva-SecureSphere.OptMgr.txt
- http://packetstormsecurity.com/files/121861/Imperva-SecureSphere-Operations-Mana
- http://www.digitalsec.net/stuff/explt+advs/Imperva-SecureSphere.OptMgr.txt
FAQ
What is CVE-2013-4095?
CVE-2013-4095 is a vulnerability with a CVSS score of 6.5 (MEDIUM). plain/actionsets.html in the SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 allows remote authenticated users to execute arbitrary commands via a task with a [...
How severe is CVE-2013-4095?
CVE-2013-4095 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-4095?
Check the references section above for vendor advisories and patch information. Affected products include: Imperva Securesphere.