{"vulnerability": "cve-2023-50969", "sightings": [{"uuid": "1e621d71-cd29-415a-8bac-a110bc9fbe2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-50969", "type": "published-proof-of-concept", "source": "https://t.me/Kelvinseccommunity/177", "content": "https://www.hoyahaxa.com/2024/03/imperva-waf-bypass-cve-2023-50969.html\n\nBypassing Imperva SecureSphere WAF (CVE-2023-50969)\n#github", "creation_timestamp": "2024-04-02T18:49:27.000000Z"}, {"uuid": "f597d5a2-197c-4e25-b8b0-87c9b40ee798", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-50969", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10261", "content": "#exploit\n1. CVE-2023-50969:\nImperva SecureSphere WAF Bypass for POST Data Inspection Rules\nhttps://www.hoyahaxa.com/2024/03/imperva-waf-bypass-cve-2023-50969.html\n\n2. CVE-2023-42931:\nLPE through Apple macOS filesystems\nhttps://www.alter-solutions.fr/blog/local-privilege-escalating-my-way-to-root-throught-apple-macos-filesystems", "creation_timestamp": "2024-04-02T10:58:01.000000Z"}, {"uuid": "ca3b7dcf-08cf-4459-aacf-4b5424faf4b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-50969", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/2796", "content": "#exploit\n1. CVE-2023-50969:\nImperva SecureSphere WAF Bypass for POST Data Inspection Rules\nhttps://www.hoyahaxa.com/2024/03/imperva-waf-bypass-cve-2023-50969.html\n\n2. CVE-2023-42931:\nLPE through Apple macOS filesystems\nhttps://www.alter-solutions.fr/blog/local-privilege-escalating-my-way-to-root-throught-apple-macos-filesystems", "creation_timestamp": "2024-08-16T09:16:38.000000Z"}, {"uuid": "470dfd49-c799-4f00-8fd9-24520e2406b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-50969", "type": "published-proof-of-concept", "source": "Telegram/b-rTkt2ZerHoeUG2xGDJzv5fZsOQJNwWlNsHtJbdmP-yHoA", "content": "", "creation_timestamp": "2024-04-01T14:05:10.000000Z"}, {"uuid": "232b78c3-5836-4878-9105-217b1aa7b36c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-50969", "type": "seen", "source": "https://t.me/true_secator/5586", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0441\u043e\u043e\u0431\u0449\u0430\u044e\u0442 \u043e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Imperva SecureSphere Web Application Firewall, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u044e\u0442\u0441\u044f \u0432 \u0433\u043e\u0441\u0441\u0435\u043a\u0442\u043e\u0440\u0435, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0432 \u043a\u0440\u0443\u043f\u043d\u043e\u043c \u0438 \u0441\u0440\u0435\u0434\u043d\u0435\u043c \u0431\u0438\u0437\u043d\u0435\u0441\u0435.\n\nCVE-2023-50969\u00a0\u0438\u043c\u0435\u0435\u0442 CVSS 3.1: 9,8 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043e\u0431\u0445\u043e\u0434\u0438\u0442\u044c \u043f\u0440\u0430\u0432\u0438\u043b\u0430 WAF \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0433\u043e \u0437\u0430\u043f\u0440\u043e\u0441\u0430 POST, \u0430 \u0432\u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 \u0432 \u0437\u0430\u0449\u0438\u0449\u0435\u043d\u043d\u044b\u0445 \u0432\u0435\u0431-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u0445.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 Imperva SecureSphere \u0431\u0435\u0437 \u0444\u0435\u0432\u0440\u0430\u043b\u044c\u0441\u043a\u043e\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0426\u0435\u043d\u0442\u0440\u0430 \u0437\u0430\u0449\u0438\u0442\u044b \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 (ADC), \u0431\u044b\u043b\u0430 \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u043f\u0440\u043e\u0442\u0435\u0441\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0430 \u043d\u0430 v14.7.0.40. \u041f\u0440\u0438 \u044d\u0442\u043e\u043c Imperva Cloud WAF \u043d\u0435 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043e\u0448\u0438\u0431\u043a\u0435.\n\n\u041e\u0431\u0445\u043e\u0434 \u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0438 WAF \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u0435\u0442\u0441\u044f \u043f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e\u043c \u0437\u0430\u043f\u0440\u043e\u0441\u0430 \u0441 \u0434\u0432\u0443\u043c\u044f (\u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435) \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u043c\u0438 \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u0430\u043c\u0438\u00a0Content-Encoding (\u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d \u0434\u043b\u044f \u043f\u0435\u0440\u0435\u0447\u0438\u0441\u043b\u0435\u043d\u0438\u044f \u0432\u0441\u0435\u0445 \u043a\u043e\u0434\u0438\u0440\u043e\u0432\u043e\u043a, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0431\u044b\u043b\u0438 \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u044b \u043a \u0442\u0435\u043b\u0443 HTTP-\u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u044f, \u0434\u043e\u043f\u0443\u0441\u0442\u0438\u043c\u044b\u0435 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u044f:\u00a0br, compress, deflate \u0438 gzip).\n\n\u041f\u043e\u043c\u0438\u043c\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u044f \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u0430\u00a0gzip, \u0442\u0430\u043a\u0436\u0435 \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u043e\u0431\u043e\u0439\u0442\u0438 \u043f\u0440\u0430\u0432\u0438\u043b\u0430 WAF \u043c\u043e\u0436\u043d\u043e \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e\u00a0 \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u0430\u00a0Content-Encoding, \u0437\u0430 \u043a\u043e\u0442\u043e\u0440\u044b\u043c \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043e\u043a\u00a0Content-Encoding: deflate.\n\n\u041f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0430 \u0443\u0432\u0435\u0434\u043e\u043c\u0438\u043b\u0438 10 \u043d\u043e\u044f\u0431\u0440\u044f, \u043f\u043e\u0441\u043b\u0435 \u0447\u0435\u0433\u043e 26 \u0444\u0435\u0432\u0440\u0430\u043b\u044f \u0431\u044b\u043b\u0438 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0440\u0430\u0432\u0438\u043b ADC \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.", "creation_timestamp": "2024-03-29T18:50:14.000000Z"}, {"uuid": "0408b9aa-28f9-49eb-b5be-e49e2e589d5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-50969", "type": "published-proof-of-concept", "source": "https://t.me/Kelvinseccommunity/193", "content": "https://www.hoyahaxa.com/2024/03/imperva-waf-bypass-cve-2023-50969.html\n\nBypassing Imperva SecureSphere WAF (CVE-2023-50969)\n#github", "creation_timestamp": "2024-04-02T18:49:27.000000Z"}, {"uuid": "d7bc016c-e4e8-4e67-96fa-dfeaf71c4ad2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-50969", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/2235", "content": "https://www.hoyahaxa.com/2024/03/imperva-waf-bypass-cve-2023-50969.html\n\nBypassing Imperva SecureSphere WAF (CVE-2023-50969)\n#github", "creation_timestamp": "2024-04-06T00:37:11.000000Z"}, {"uuid": "c10c9079-f216-47a9-9b54-c23a6329ef93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-50969", "type": "seen", "source": "Telegram/bzTrdAryems4FPAROTn9hIEuei_rXxA0rFalNyBGgr7yZsM", "content": "", "creation_timestamp": "2024-04-04T00:58:04.000000Z"}]}