Hi Jagdesk,
I recommend that you open a case with support, including your ADC screenshot, and report that CVE-2023-32315 is not being matched/alerted/blocked. What I see on my end indicates that it should be.
Thanks,
------------------------------
John Thompson
Director, Channel Presales
Imperva
San Diego CA
------------------------------
Original Message:
Sent: 02-05-2024 14:04
From: Jagadesh Kumar R
Subject: CVE Mitigation
Thanks John for your update,
But CVE-2023-32315, which is not mitigated by ADC update, please refer latest updated ADC content. We don't have threadradar license,
------------------------------
Jagadesh Kumar R
Information Security Group, Manager
The Karur Vysya Bank Limited
Karur
Original Message:
Sent: 02-04-2024 18:23
From: John Thompson
Subject: CVE Mitigation
Hi Jagadesh,
I hope you find the table below useful.
If you need anything else, please let us know, and/or open a case with the Imperva support team at: https://support.imperva.com/
Links above:
Thanks,
– JT
------------------------------
John Thompson
Director, Channel Presales
Imperva
San Diego CA
Original Message:
Sent: 02-02-2024 05:33
From: Jagadesh Kumar R
Subject: CVE Mitigation
Dear Team,
Hope you're all doing great!
Some CVEs we does not coverage in WAF, but one of the CVE has been published in the Imperva recently mitigated CVEs.
CVE-2023-46604 (Apache ActiveMQ) Exploited to Infect Systems With Cryptominers and Rootkits
CVE-2023-23752 Joomla- Unauthenticated information disclosure
CVE-2023–32315 - Path Traversal in Openfire leads to RCE (not available in Securesphere)
CVE-2023-0386 Linux Kernel Privilege Escalation
Whether we have a threadradar service, this will be covered. Kindly provide manual mitigation.
#On-PremisesWAF(formerlySecuresphere)
------------------------------
Jagadesh Kumar R
Information Security Group, Manager
The Karur Vysya Bank Limited
Karur
------------------------------