Overview
- Description
- AIMANAGER before B115 on MONITORAPP Application Insight Web Application Firewall (AIWAF) devices with Manager 2.1.0 has Improper Authentication. An attacker can gain administrative access by modifying the response to an authentication check request.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 6.5
- Impact score
- 6.4
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-287
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:monitorapp:application_insight_web_application_firewall:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "89AC475F-FDAF-442D-A441-EEF883CF1142"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:monitorapp:application_insight_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E9E2CA11-04CA-43E3-BBC2-46A2DAD8ED3F",
"versionEndExcluding": "b115",
"versionStartIncluding": "b107"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]