Description
plain/actionsets.html in the SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 allows remote authenticated users to execute arbitrary commands via a task with a [command].value field in conjunction with an [arguments].value field.
Exploits (1)
References (2)
Core 2
Core References
Various Sources x_refsource_misc
http://www.digitalsec.net/stuff/explt+advs/Imperva-SecureSphere.OptMgr.txt
Exploit, Third Party Advisory x_refsource_misc
http://packetstormsecurity.com/files/121861/Imperva-SecureSphere-Operations-Manager-Command-Execution.html
Scores
EPSS
0.0373
EPSS Percentile
88.0%
Details
CWE
CWE-20
Status
published
Products (1)
imperva/securesphere
9.0.0.5
Published
Jun 28, 2013
Tracked Since
Feb 18, 2026