Imperva Cyber Community

communities_1.jpg
 View Only
  • 1.  CVE Mitigation

    Posted 29 days ago
    Dear Team,
    Hope you're all doing great!
    Some CVEs we does not coverage in WAF, but one of the CVE has been published in the Imperva recently mitigated CVEs.
    CVE-2023-46604 (Apache ActiveMQ) Exploited to Infect Systems With Cryptominers and Rootkits
    CVE-2023-23752 Joomla- Unauthenticated information disclosure
    CVE-2023–32315 - Path Traversal in Openfire leads to RCE (not available in Securesphere)
    CVE-2023-0386 Linux Kernel Privilege Escalation
    Whether we have a threadradar service, this will be covered. Kindly provide manual mitigation.

    #On-PremisesWAF(formerlySecuresphere)

    ------------------------------
    Jagadesh Kumar R
    Information Security Group, Manager
    The Karur Vysya Bank Limited
    Karur
    ------------------------------


  • 2.  RE: CVE Mitigation

    Posted 27 days ago
    Edited by John Thompson 27 days ago

    Hi Jagadesh,

    I hope you find the table below useful.

    If you need anything else, please let us know, and/or open a case with the Imperva support team at: https://support.imperva.com/

    Links above:

    Thanks,

    – JT

    ------------------------------
    John Thompson
    Director, Channel Presales
    Imperva
    San Diego CA
    ------------------------------



  • 3.  RE: CVE Mitigation

    Posted 26 days ago

    Thanks John for your update,

    But CVE-2023-32315, which is not mitigated by ADC update, please refer latest updated ADC content. We don't have threadradar license,



    ------------------------------
    Jagadesh Kumar R
    Information Security Group, Manager
    The Karur Vysya Bank Limited
    Karur
    ------------------------------



  • 4.  RE: CVE Mitigation

    Posted 26 days ago

    Hi Jagdesk,

    I recommend that you open a case with support, including your ADC screenshot, and report that CVE-2023-32315 is not being matched/alerted/blocked.  What I see on my end indicates that it should be.

    Thanks,



    ------------------------------
    John Thompson
    Director, Channel Presales
    Imperva
    San Diego CA
    ------------------------------



  • 5.  RE: CVE Mitigation

    Posted 26 days ago
    Edited by John Thompson 26 days ago

    Can you provide a PCAP sample to support, etc...?



    ------------------------------
    John Thompson
    Director, Channel Presales
    Imperva
    San Diego CA
    ------------------------------