virus logo Intrusion Prevention

Riverbed.SteelCentral.NetExpress.Code.Injection

description-logoDescription

This indicates an attack attempt to exploit a SQL/Remote Code Injection vulnerability in Riverbed SteelCentral NetProfiler/NetExpress virtual appliances.
The vulnerability is due to insufficient validation in user input when handling a HTTP request from client. A remote attacker may be able to exploit this to execute arbitrary code on vulnerable systems via a crafted HTTP request.

affected-products-logoAffected Products

Riverbed SteelCentral NetProfiler 10.8.7
Riverbed NetExpress 10.8.7

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Currently we are unaware of any vendor supplied patch for this issue.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)
ID 43145
Created Oct 04, 2016
Updated May 02, 2022
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon
Default Action drop
Active
Affected OS Linux
Affected App Other