Skip to main content
CVE-2013-4091 HIGH POC This Week

The SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 does not have an off autocomplete attribute for the password (aka j_password) field on the secsphLogin.jsp. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Securesphere
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
3.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy