CVE-2011-3140

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2011-3140
IBM Web Application Firewall, as used on the G400 IPS-G400-IB-1 and GX4004 IPS-GX4004-IB-2 appliances with update 31.030, does not properly handle query strings with multiple instances of the same parameter, which allows remote attackers to bypass intended intrusion prevention by dividing a dangerous parameter value into substrings, as demonstrated by a SQL statement that is split across multiple iid parameters and then sent to a .aspx file on an IIS web server.

5.0 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:P/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References
Link Resource
http://securityreason.com/securityalert/8339
http://securitytracker.com/id?1025683 Exploit
http://www.iss.net/security_center/reference/vuln/HTTP_Parameter_Abuse.htm
http://www.securityfocus.com/archive/1/518556/100/0/threaded
http://www.securityfocus.com/bid/48370
https://exchange.xforce.ibmcloud.com/vulnerabilities/67178
https://www.trustwave.com/spiderlabs/advisories/TWSL2011-006.txt Exploit
http://securityreason.com/securityalert/8339
http://securitytracker.com/id?1025683 Exploit
http://www.iss.net/security_center/reference/vuln/HTTP_Parameter_Abuse.htm
http://www.securityfocus.com/archive/1/518556/100/0/threaded
http://www.securityfocus.com/bid/48370
https://exchange.xforce.ibmcloud.com/vulnerabilities/67178
https://www.trustwave.com/spiderlabs/advisories/TWSL2011-006.txt Exploit
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:ibm:web_application_firewall:-:*:*:*:*:*:*:*
OR cpe:2.3:h:ibm:g400_ips-g400-ib-1_appliance:31.030:*:*:*:*:*:*:*
cpe:2.3:h:ibm:gx4004_ips-gx4004-ib-2_appliance:31.030:*:*:*:*:*:*:*
History

21 Nov 2024, 01:29

Type Values Removed Values Added
References () http://securityreason.com/securityalert/8339 - () http://securityreason.com/securityalert/8339 -
References () http://securitytracker.com/id?1025683 - Exploit () http://securitytracker.com/id?1025683 - Exploit
References () http://www.iss.net/security_center/reference/vuln/HTTP_Parameter_Abuse.htm - () http://www.iss.net/security_center/reference/vuln/HTTP_Parameter_Abuse.htm -
References () http://www.securityfocus.com/archive/1/518556/100/0/threaded - () http://www.securityfocus.com/archive/1/518556/100/0/threaded -
References () http://www.securityfocus.com/bid/48370 - () http://www.securityfocus.com/bid/48370 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/67178 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/67178 -
References () https://www.trustwave.com/spiderlabs/advisories/TWSL2011-006.txt - Exploit () https://www.trustwave.com/spiderlabs/advisories/TWSL2011-006.txt - Exploit
Information

Published : 2011-08-15 21:55

Updated : 2025-04-11 00:51

NVD link : CVE-2011-3140

Mitre link : CVE-2011-3140

CVE.ORG link : CVE-2011-3140

JSON object : View

Products Affected

ibm

  • g400_ips-g400-ib-1_appliance
  • web_application_firewall
  • gx4004_ips-gx4004-ib-2_appliance
CWE
CWE-264

Permissions, Privileges, and Access Controls