Imperva Cyber Community

Dear Team,

Hope you're all doing good

While checking CVE coverage, we found some CVE's not found in Securesphere or Imperva recently mitigated CVE's. Let me know, how Imperva covering below mentioned CVE's in WAF.

CVE's:
CVE-2022-29404
CVE-2022-30522
CVE-2022-22721
CVE-2021-44790
CVE-2022-35947
CVE-2022-0543

#On-PremisesWAF(formerlySecuresphere)

------------------------------
Jagadesh Kumar R
Inormation Security Group, Assistant Manager
The Karur Vysya Bank Limited
Karur
------------------------------

Hi,

I would strongly recommend opening a support case for this information.


Regards,

------------------------------
Sarvesh Lad
Tech Lead @ On-Prem Managed Services (WAF, DAM, DRA & Sonar)
------------------------------

Hi Jagadesh,

I touched base with our threat research team, and they provided the info below. I echo Sarvesh's comment - if you need further info, raise a support ticket here.

CVE-2022-29404
Insufficient information to determine mitigation status - actively monitoring

CVE-2022-30522
Out of scope as it is not a http vulnerability

CVE-2022-22721
Out of scope as its not a http exploit

CVE-20221-44790
Insufficient information to determine mitigation status - actively monitoring

CVE-2022-0543
Out of scope non http

CVE-2022-35947
OOTB by sqli rules we already have in place

------------------------------
Sarah Lamont
Digital Community Manager
------------------------------