IBM Web Application Firewall Vulnerability in G400 and GX4004 Appliances
CVE-2011-3140

Currently unrated


Summary

The IBM Web Application Firewall, as used in the G400 IPS-G400-IB-1 and GX4004 IPS-GX4004-IB-2 appliances with update 31.030, does not properly handle query strings that contain multiple instances of the same parameter. This weakness allows remote attackers to bypass the intended intrusion prevention functionality. By splitting a harmful parameter value into substrings and sending each substring as a separate instance of the parameter, attackers can craft requests that exploit the vulnerability, such as a SQL statement split over multiple 'iid' parameters sent to a .aspx file on an IIS web server.
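The inspection gap described above can be shown from the defender's side. This is an added example, not code from the advisory or from IBM. It assumes the backend joins repeated parameters with commas, as ASP.NET's `Request.QueryString` does, and it uses a toy signature and a constructed query string.

```python
import re
from urllib.parse import parse_qsl

# Toy signature standing in for a WAF rule (assumption, not IBM's rule set).
SIGNATURE = re.compile(r"\bunion\b.{0,40}\bselect\b", re.IGNORECASE | re.DOTALL)

# Constructed sample: one benign parameter plus a repeated 'iid' parameter.
SAMPLE = "page=2&iid=1+union&iid=select+1"


def pairs(query):
    """Decode the query string into (name, value) pairs, keeping duplicates."""
    return parse_qsl(query, keep_blank_values=True)


def backend_view(query, joiner=","):
    """Rebuild each parameter as the application will read it: repeated
    names are joined in order of appearance with the backend's joiner."""
    grouped = {}
    for name, value in pairs(query):
        grouped.setdefault(name, []).append(value)
    return {name: joiner.join(values) for name, values in grouped.items()}


def inspect_per_instance(query):
    """Flawed approach: match the signature on each instance in isolation."""
    return [name for name, value in pairs(query) if SIGNATURE.search(value)]


def inspect_normalized(query):
    """Corrected approach: match the signature on the reassembled value."""
    return [n for n, v in backend_view(query).items() if SIGNATURE.search(v)]


def repeated_parameters(query):
    """Names that occur more than once; useful as a separate alerting signal."""
    names = [name for name, _ in pairs(query)]
    return sorted({n for n in names if names.count(n) > 1})


if __name__ == "__main__":
    print("per-instance hits:", inspect_per_instance(SAMPLE))
    print("normalized hits:  ", inspect_normalized(SAMPLE))
    print("repeated names:   ", repeated_parameters(SAMPLE))
```

The joiner must match the platform behind the filter, since other stacks keep only the first or last instance instead of concatenating.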


Timeline

  • Vulnerability published

  • Vulnerability Reserved
