Multiple vulnerabilities in Splunk

Описание

Multiple serious vulnerabilities have been found in Splunk. Malicious users can exploit these vulnerabilities to inject arbitrary script or read local files. Below is a complete list of vulnerabilities

1. An XSS vulnerability can be exploited remotely via specially designed HTPP headers;
2. A directory traversal vulnerability can be exploited via a specially designed URI.

Первичный источник обнаружения

• Splunk changelog
  

Связанные продукты

• Splunk

Список CVE

• CVE-2014-5198
  warning
• CVE-2014-5197
  warning

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com