Imperva Cyber Community

communities_1.jpg
 View Only

  • 1.  CVE Mitigation

    Posted 02-02-2024 05:34
    Dear Team,
    Hope you're all doing great!
    Some CVEs we does not coverage in WAF, but one of the CVE has been published in the Imperva recently mitigated CVEs.
    CVE-2023-46604 (Apache ActiveMQ) Exploited to Infect Systems With Cryptominers and Rootkits
    CVE-2023-23752 Joomla- Unauthenticated information disclosure
    CVE-2023–32315 - Path Traversal in Openfire leads to RCE (not available in Securesphere)
    CVE-2023-0386 Linux Kernel Privilege Escalation
    Whether we have a threadradar service, this will be covered. Kindly provide manual mitigation.

    #On-PremisesWAF(formerlySecuresphere)

    ------------------------------
    Jagadesh Kumar R
    Information Security Group, Manager
    The Karur Vysya Bank Limited
    Karur
    ------------------------------


  • 2.  RE: CVE Mitigation

    Posted 02-04-2024 18:24
    Edited by John Thompson 02-04-2024 18:24

    Hi Jagadesh,

    I hope you find the table below useful.

    If you need anything else, please let us know, and/or open a case with the Imperva support team at: https://support.imperva.com/

    Links above:

    Thanks,

    – JT

    ------------------------------
    John Thompson
    Director, Channel Presales
    Imperva
    San Diego CA
    ------------------------------



  • 3.  RE: CVE Mitigation

    Posted 02-05-2024 14:04

    Thanks John for your update,

    But CVE-2023-32315, which is not mitigated by ADC update, please refer latest updated ADC content. We don't have threadradar license,



    ------------------------------
    Jagadesh Kumar R
    Information Security Group, Manager
    The Karur Vysya Bank Limited
    Karur
    ------------------------------

    Original Message


  • 4.  RE: CVE Mitigation

    Posted 02-05-2024 14:50

    Hi Jagdesk,

    I recommend that you open a case with support, including your ADC screenshot, and report that CVE-2023-32315 is not being matched/alerted/blocked.  What I see on my end indicates that it should be.

    Thanks,



    ------------------------------
    John Thompson
    Director, Channel Presales
    Imperva
    San Diego CA
    ------------------------------

    Original Message


  • 5.  RE: CVE Mitigation

    Posted 02-05-2024 14:53
    Edited by John Thompson 02-05-2024 14:53

    Can you provide a PCAP sample to support, etc...?



    ------------------------------
    John Thompson
    Director, Channel Presales
    Imperva
    San Diego CA
    ------------------------------

    Original Message