CVE-2011-3140
CVE-2011-3140 is a vulnerability of currently unknown severity (see the full description below). EPSS estimates a 2.15% chance of exploitation in the next 30 days.
Description
IBM Web Application Firewall, as used on the G400 IPS-G400-IB-1 and GX4004 IPS-GX4004-IB-2 appliances with update 31.030, does not properly handle query strings with multiple instances of the same parameter. This allows remote attackers to bypass intended intrusion prevention by dividing a dangerous parameter value into substrings, as demonstrated by a SQL statement that is split across multiple `iid` parameters and then sent to a .aspx file on an IIS web server.
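A defender-side check for the parsing gap described above, as an added example that is not IBM's code and not part of the original entry: it groups repeated query parameters, reassembles them the way ASP.NET on IIS presents them to the application (repeated names are comma-joined, which this example assumes), and runs a signature over that effective value instead of over each occurrence in isolation. The keyword signature, the per-occurrence baseline and the sample query strings are constructed for the demonstration.

```python
import re
from urllib.parse import parse_qsl

# Constructed, deliberately small signature: a real ruleset is far larger.
# It needs two keywords in order, so a value split across parameters can
# evade it when each fragment is inspected on its own.
SQL_PATTERN = re.compile(
    r"\bunion\b.*\bselect\b|\bselect\b.*\bfrom\b", re.IGNORECASE | re.DOTALL
)


def collect_params(query):
    """Group every value for each parameter name, preserving order."""
    grouped = {}
    for name, value in parse_qsl(query, keep_blank_values=True):
        grouped.setdefault(name, []).append(value)
    return grouped


def effective_values(query, join_with=","):
    """Return each parameter as the backend will see it.

    ASP.NET joins repeated query parameters with a comma (assumed here as
    Request.QueryString["iid"] -> "a,b"); other stacks keep only the first
    or last occurrence, so the separator is configurable.
    """
    return {n: join_with.join(v) for n, v in collect_params(query).items()}


def inspect_per_occurrence(query):
    """Bypassed behaviour: match the signature against each occurrence."""
    return [n for n, v in parse_qsl(query, keep_blank_values=True)
            if SQL_PATTERN.search(v)]


def inspect_effective(query, join_with=","):
    """Hardened behaviour: flag duplicate names and inspect the joined value."""
    findings = []
    for name, values in collect_params(query).items():
        if len(values) > 1:
            findings.append(f"duplicate parameter {name} ({len(values)} occurrences)")
        if SQL_PATTERN.search(join_with.join(values)):
            findings.append(f"sql keyword in effective value of {name}")
    return findings


if __name__ == "__main__":
    # Constructed sample: the statement is split over two iid parameters.
    sample = "iid=5 union&iid= select name"
    print("per-occurrence:", inspect_per_occurrence(sample))  # []
    print("effective:", inspect_effective(sample))
```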
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| IBM | Web Application Firewall | All versions |
| IBM | G400 IPS-G400-IB-1 Appliance | 31.030 |
| IBM | GX4004 IPS-GX4004-IB-2 Appliance | 31.030 |
References
Timeline
Frequently Asked Questions
What is CVE-2011-3140?
How severe is CVE-2011-3140?
How do I fix CVE-2011-3140?
Are you affected by CVE-2011-3140?
Source: NVD / NIST
