KLA10340
Multiple vulnerabilities in Splunk
Updated: 06/01/2019
Detect date
?
08/12/2014
Severity
?
Warning
Description

Multiple serious vulnerabilities have been found in Splunk. Malicious users can exploit these vulnerabilities to inject arbitrary script or read local files. Below is a complete list of vulnerabilities

  1. An XSS vulnerability can be exploited remotely via specially designed HTPP headers;
  2. A directory traversal vulnerability can be exploited via a specially designed URI.
Affected products

Splunk Enterprise 6.1 versions 6.1.2 and earlier

Solution

Update to latest version

Original advisories

Splunk changelog

Impacts
?
CI 
[?]

RLF 
[?]
CVE-IDS
?
CVE-2014-51984.3Warning
CVE-2014-51974.0Warning