- Description
- AIMANAGER before B115 on MONITORAPP Application Insight Web Application Firewall (AIWAF) devices with Manager 2.1.0 has Improper Authentication. An attacker can gain administrative access by modifying the response to an authentication check request.
- Source
- cve@mitre.org
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 6.5
- Impact score
- 6.4
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:P/I:P/A:P
- nvd@nist.gov
- CWE-287
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:monitorapp:application_insight_web_application_firewall:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "89AC475F-FDAF-442D-A441-EEF883CF1142"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:monitorapp:application_insight_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E9E2CA11-04CA-43E3-BBC2-46A2DAD8ED3F",
"versionEndExcluding": "b115",
"versionStartIncluding": "b107"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]