Vulnerability category: CGI
Vulnerability severity:
Vulnerability information
Splunk is a log monitoring and reporting tool with search capabilities. Splunk Enterprise and Splunk Light are exposed to a social engineering vulnerability: an attacker can cause a message under their control to be displayed to a user who visits a specific URL.
Affected Software:
Splunk Enterprise 6.5.x before 6.5.3
Splunk Enterprise 6.4.x before 6.4.7
Splunk Enterprise 6.3.x before 6.3.11
Splunk Enterprise 6.2.x before 6.2.14
Splunk Enterprise 6.1.x before 6.1.14
Splunk Enterprise 6.0.x before 6.0.15
Splunk Enterprise 5.0.x before 5.0.19
Splunk Light before 6.5.3
QID detection logic (unauthenticated):
The QID sends an HTTP GET request for en-GB/account/login and checks the response it receives for a vulnerable version of Splunk Enterprise or Splunk Light.
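The detection reduces to a version-range check against the affected branches listed above. The following added example (not the QID's own code) takes the product name and a version string as already extracted from the response, an assumption made here, and decides whether that version falls inside one of the affected ranges:

```python
# Added example: maps the advisory's affected ranges to a version check.
from typing import Optional, Tuple

Version = Tuple[int, ...]

# (product, affected branch prefix, first fixed version), taken from the
# affected software list. An empty branch prefix means "every version
# below the fixed version", which is how the Splunk Light entry reads.
AFFECTED = [
    ("Splunk Enterprise", (6, 5), (6, 5, 3)),
    ("Splunk Enterprise", (6, 4), (6, 4, 7)),
    ("Splunk Enterprise", (6, 3), (6, 3, 11)),
    ("Splunk Enterprise", (6, 2), (6, 2, 14)),
    ("Splunk Enterprise", (6, 1), (6, 1, 14)),
    ("Splunk Enterprise", (6, 0), (6, 0, 15)),
    ("Splunk Enterprise", (5, 0), (5, 0, 19)),
    ("Splunk Light", (), (6, 5, 3)),
]

def parse_version(text: str) -> Optional[Version]:
    """Turn '6.4.6' or '6.4.6.1' into a comparable tuple; None if malformed."""
    parts = text.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        return None
    return tuple(int(p) for p in parts)

def is_affected(product: str, version_text: str) -> Optional[bool]:
    """True if the version is in an affected range, False if it is fixed or
    on an unlisted branch, None if the version string could not be parsed."""
    version = parse_version(version_text)
    if version is None:
        return None
    for prod, branch, fixed in AFFECTED:
        if prod != product or version[:len(branch)] != branch:
            continue
        # Tuple comparison also handles extra maintenance digits (6.4.6.2).
        if version < fixed:
            return True
    return False

if __name__ == "__main__":
    # Constructed sample inputs; not values taken from a real response.
    for prod, ver in [("Splunk Enterprise", "6.4.6"), ("Splunk Enterprise", "6.4.7"),
                      ("Splunk Enterprise", "6.6.0"), ("Splunk Light", "6.2.0")]:
        print(prod, ver, "affected" if is_affected(prod, ver) else "not affected")
```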
Impact
Successful exploitation allows an attacker to perform social engineering by displaying a message under their control to a user who visits a specific URL.
Solution
The vendor has released updated versions to fix these vulnerabilities. Refer to SP-CAAAP2U for more details.
Patch:
The following are links for downloading patches to fix the vulnerabilities: