Imperva Web Application Firewall (WAF) before 2021-12-23 allows remote unauthenticated attackers to use "Content-Encoding: gzip" to evade WAF security controls and send malicious HTTP POST requests to web servers behind the WAF.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2022-01-14T17:58:09
Updated: 2024-08-04T04:39:21.099Z
Reserved: 2021-12-23T00:00:00
Link: CVE-2021-45468
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2022-01-14T18:15:10.203
Modified: 2022-01-21T19:57:44.767
Link: CVE-2021-45468
Redhat
No data.