CVE-2013-4092

Imperva SecureSphere 9.0.0.5 - Information Disclosure via Session ID and Credential Logging

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2013-4092.

AI-analyzed exploit summary: This advisory details multiple vulnerabilities in Imperva SecureSphere Operations Manager, including command execution, file upload, and information disclosure issues. It provides technical descriptions, HTTP request examples, and proof of concept payloads for exploitation.

Description

The SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 allows context-dependent attackers to obtain sensitive information by leveraging the presence of (1) a session ID in the jsessionid field to secsphLogin.jsp or (2) credentials in the j_password parameter to j_acegi_security_check, and reading (a) web-server access logs, (b) web-server Referer logs, or (c) the browser history.

Exploits (1)

exploitdb WRITEUP
webapps · jsp
https://www.exploit-db.com/exploits/25977


Classification: Writeup 95%
Attack Type: RCE | Info Leak
Complexity: Moderate
Reliability: Reliable
Target: Imperva SecureSphere Operations Manager 9.0.0.5 Enterprise Edition
Auth required
Prerequisites: Authenticated access to the SecureSphere Operations Manager · Access to the Key Management or Action Sets functionality
devstral-2 · analyzed Feb 19, 2026


Scores

EPSS 0.0486
EPSS Percentile 90.9%

Details

CWE: CWE-255
Status: published
Products (1): imperva/securesphere 9.0.0.5
Published: Jun 28, 2013
Tracked Since: Feb 18, 2026