WAF Bypass Vulnerability Affects Thales Imperva SecureSphere WAF
CVE-2023-50969
Key Information
- Vendor: Thales Imperva
- CVE Published: 28 March 2024
Summary
CVE-2023-50969 affects the Thales Imperva SecureSphere WAF and carries a critical CVSS score of 9.8. Attackers can bypass WAF rules via a crafted POST request, potentially leading to devastating security breaches. The vulnerability affects specific versions of SecureSphere WAF, and organizations running Imperva SecureSphere WAF v14.7.0.40 are at risk. Imperva has released an ADC rule update to address the vulnerability, and organizations are advised to conduct a thorough audit of their web applications and consider additional security measures to strengthen their defenses. No exploitation in the wild by ransomware groups has been reported.
News Articles
Top Cyber Security Informer Penetration Testing Security Awareness Content for March, 2024
Best content around Penetration Testing Security Awareness selected by the Cyber Security Informer community.
6 months ago
April 2024 – TheCyberThrone
1 post published by PravinKarthik during April 2024
9 months ago
Bypassing Imperva SecureSphere WAF (CVE-2023-50969)
Background Imperva SecureSphere Web Application Firewall (WAF) is an on-premise security solution to inspect, monitor and block traffic to web applications. Some versions of SecureSphere WAF are affected by...
9 months ago
References
Timeline
- Exploit known to exist
- First article discovered by securityonline.info
- Vulnerability published
- Vulnerability Reserved