Lucene search
HistoryJun 24, 2010 - 12:17 p.m.
CVE-2010-2429
cve-2010-2429
splunk
xss
vulnerability
web script
html
http referer
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.7 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
60.4%
Cross-site scripting (XSS) vulnerability in Splunk 4.0 through 4.1.2, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer in a “404 Not Found” response.
Affected configurations
Node
splunksplunkMatch4.0
ORsplunksplunkMatch4.0.1
ORsplunksplunkMatch4.0.2
ORsplunksplunkMatch4.0.3
ORsplunksplunkMatch4.0.4
ORsplunksplunkMatch4.0.5
ORsplunksplunkMatch4.0.6
ORsplunksplunkMatch4.0.7
ORsplunksplunkMatch4.0.8
ORsplunksplunkMatch4.0.9
ORsplunksplunkMatch4.0.10
ORsplunksplunkMatch4.0.11
ORsplunksplunkMatch4.1
ORsplunksplunkMatch4.1.1
ORsplunksplunkMatch4.1.2
microsoftinternet_explorer
Related
openvas
openvas
Splunk 4.0 - 4.1.2 XSS Vulnerability
2010-07-12 00:00:00
Splunk 'Referer' Header Cross-Site Scripting Vulnerability
2010-07-12 00:00:00
cvelist
cvelist
CVE-2010-2429
2010-06-23 17:13:00
CVE-2014-8380
2014-10-21 15:00:00
nessus
nessus
Splunk 4.x < 4.1.3 404 Response XSS
2010-07-07 00:00:00
prion
prion
Cross site scripting
2010-06-24 12:17:00
Cross site scripting
2014-10-21 15:55:00
nvd
nvd
CVE-2010-2429
2010-06-24 12:17:45
CVE-2014-8380
2014-10-21 15:55:08
cve
cve
CVE-2014-8380
2014-10-21 15:55:08
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.7 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
60.4%
Related for CVE-2010-2429