KLA10340
Multiple vulnerabilities in Splunk
Обновлено: 17/06/2019
Дата обнаружения
12/08/2014
Уровень угрозы
Warning
Описание

Multiple serious vulnerabilities have been found in Splunk. Malicious users can exploit these vulnerabilities to inject arbitrary script or read local files. Below is a complete list of vulnerabilities

  1. An XSS vulnerability can be exploited remotely via specially designed HTPP headers;
  2. A directory traversal vulnerability can be exploited via a specially designed URI.
Пораженные продукты

Splunk Enterprise 6.1 versions 6.1.2 and earlier

Решение

Update to latest version

Первичный источник обнаружения
Splunk changelog
Оказываемое влияние
?
CI 
[?]

RLF 
[?]
Связанные продукты
Splunk
CVE-IDS
CVE-2014-51984.3Warning
CVE-2014-51974.0Warning