Hi SBISOC,
Thank you for the information that helped resolve our issue.
Thank you.
Regards
Carlson
------------------------------
Hue Sin Yoong
Associate Engineer
Ensign InfoSecurity (Systems) Pte Ltd.
Singapore
------------------------------
Original Message:
Sent: 06-27-2025 04:42
From: SBISOC 4430
Subject: Vulnerability Findings on DAM
Hi Hue,
We also observed that vulnerability in the DAM as well in the DRA. So, we applied the configurations using iptables.
https://retest.dk/vulnerabilities-base/icmp-timestamp-request-remote-date-disclosure-cve-1999-0524/?lang=en
Similar type of steps are provided by Oracle for OEL servers: https://support.oracle.com/knowledge/Oracle%20Linux%20and%20Virtualization/2521867_1.html
Regards,
------------------------------
SBISOC 4430
Manager
Mumbai
Original Message:
Sent: 06-26-2025 09:30
From: Hue Sin Yoong
Subject: Vulnerability Findings on DAM
Hi everyone,
We've encountered a vulnerability finding on our Imperva DAM system:
I'd like to check with the community - are we supposed to address this directly on the DAM appliance using iptables rules, or is it best practice to handle this at the network firewall level?
If anyone has dealt with this on an Imperva DAM setup before, I'd appreciate your advice on the recommended or supported approach.
Thank you.
Regards
Carlson
#DatabaseActivityMonitoring
#ImpervaAgent
#jSonar
#On-PremisesWAF(formerlySecuresphere)
------------------------------
Hue Sin Yoong
Associate Engineer
Ensign InfoSecurity (Systems) Pte Ltd.
Singapore
------------------------------