Critical Vulnerability in Imperva SecureSphere Web Application Firewall

Summary

The critical vulnerability could allow an attacker to bypass Web Application Firewall (WAF) rules


Affected platforms

The following platforms are known to be affected:

Threat details

Introduction

Imperva have released a security update to address a critical vulnerability in SecureSphere Web Application Firewall (WAF). Imperva SecureSphere WAF is an on-premise firewall that is used to inspect, monitor, and block traffic to web applications.

The vulnerability, assigned CVE-2023-50969, has a CVSSv3 score of 9.8 and could allow an attacker to bypass WAF rules.


Remediation advice

Affected organisations are encouraged to review the Imperva Knowledgebase Article and apply the relevant updates.


Remediation steps

Type: Patch

Step: This vulnerability can be remediated by applying the Application Defense Centre (ADC) rule update that was released on February 26, 2024.


https://docs.imperva.com/bundle/z-kb-articles-km/page/f81a5705.html


Last edited: 2 April 2024 1:43 pm