CVE-2017-14706

DenyAll WAF before 6.4.1 allows unauthenticated remote attackers to obtain authentication information by making a typeOf=debug request to /webservices/download/index.php, and then reading the iToken field in the reply. This affects DenyAll i-Suite LTS 5.5.0 through 5.5.12, i-Suite 5.6, Web Application Firewall 5.7, and Web Application Firewall 6.x before 6.4.1, with On Premises or AWS/Azure cloud deployments.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 98%
VendorProductVersion
denyalli-suite
5.5.0
denyalli-suite
5.5.9
denyalli-suite
5.5.10
denyalli-suite
5.5.11
denyalli-suite
5.5.12
denyalli-suite
5.6.0
denyallweb_application_firewall
5.7.0
denyallweb_application_firewall
6.0.0
denyallweb_application_firewall
6.1.0
denyallweb_application_firewall
6.2.0
denyallweb_application_firewall
6.3.0
denyallweb_application_firewall
6.4.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/rapid7/metasploit-framework/pull/8980
https://pentest.blog/advisory-denyall-web-application-firewall-unauthenticated-remote-code-execution/
https://www.denyall.com/blog/advisories/advisory-unauthenticated-remote-code-execution-denyall-web-application-firewall/
https://github.com/rapid7/metasploit-framework/pull/8980
https://pentest.blog/advisory-denyall-web-application-firewall-unauthenticated-remote-code-execution/
https://www.denyall.com/blog/advisories/advisory-unauthenticated-remote-code-execution-denyall-web-application-firewall/