VYPR

Profense

by Armorlogic

CVEs (2)

  • CVE-2009-1745May 21, 2009
    risk 0.00cvss epss 0.02

    Armorlogic Profense Web Application Firewall before 2.2.22, and 2.4.x before 2.4.4, has a default root password hash, and permits password-based root logins over SSH, which makes it easier for remote attackers to obtain access.

  • CVE-2009-1594May 21, 2009
    risk 0.00cvss epss 0.01

    Armorlogic Profense Web Application Firewall before 2.2.22, and 2.4.x before 2.4.4, does not properly implement the "positive model," which allows remote attackers to bypass certain protection mechanisms via a %0A (encoded newline), as demonstrated by a %0A in a cross-site…