Lucene search

MitreCVE-2010-2504

HistoryJun 28, 2010 - 6:30 p.m.

CVE-2010-2504

2010-06-2818:30:00

mitre

web.nvd.nist.gov

splunk

http header injection

sensitive information

authenticated users

cve-2010-2504

spl-31066

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

AI Score

Confidence

Low

EPSS

0.001

Percentile

49.0%

JSON

Splunk 4.0 through 4.0.10 and 4.1 through 4.1.1 allows remote authenticated users to obtain sensitive information via HTTP header injection, aka SPL-31066.

Affected configurations

Nvd

Node

splunksplunkMatch4.0

splunksplunkMatch4.0.1

splunksplunkMatch4.0.2

splunksplunkMatch4.0.3

splunksplunkMatch4.0.4

splunksplunkMatch4.0.5

splunksplunkMatch4.0.6

splunksplunkMatch4.0.7

splunksplunkMatch4.0.8

splunksplunkMatch4.0.9

splunksplunkMatch4.0.10

Node

splunksplunkMatch4.1

splunksplunkMatch4.1.1

VendorProductVersionCPE
splunksplunk4.0cpe:2.3:a:splunk:splunk:4.0:*:*:*:*:*:*:*
splunksplunk4.0.1cpe:2.3:a:splunk:splunk:4.0.1:*:*:*:*:*:*:*
splunksplunk4.0.2cpe:2.3:a:splunk:splunk:4.0.2:*:*:*:*:*:*:*
splunksplunk4.0.3cpe:2.3:a:splunk:splunk:4.0.3:*:*:*:*:*:*:*
splunksplunk4.0.4cpe:2.3:a:splunk:splunk:4.0.4:*:*:*:*:*:*:*
splunksplunk4.0.5cpe:2.3:a:splunk:splunk:4.0.5:*:*:*:*:*:*:*
splunksplunk4.0.6cpe:2.3:a:splunk:splunk:4.0.6:*:*:*:*:*:*:*
splunksplunk4.0.7cpe:2.3:a:splunk:splunk:4.0.7:*:*:*:*:*:*:*
splunksplunk4.0.8cpe:2.3:a:splunk:splunk:4.0.8:*:*:*:*:*:*:*
splunksplunk4.0.9cpe:2.3:a:splunk:splunk:4.0.9:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
splunk	splunk	4.0	cpe:2.3:a:splunk:splunk:4.0:::::::*
splunk	splunk	4.0.1	cpe:2.3:a:splunk:splunk:4.0.1:::::::*
splunk	splunk	4.0.2	cpe:2.3:a:splunk:splunk:4.0.2:::::::*
splunk	splunk	4.0.3	cpe:2.3:a:splunk:splunk:4.0.3:::::::*
splunk	splunk	4.0.4	cpe:2.3:a:splunk:splunk:4.0.4:::::::*
splunk	splunk	4.0.5	cpe:2.3:a:splunk:splunk:4.0.5:::::::*
splunk	splunk	4.0.6	cpe:2.3:a:splunk:splunk:4.0.6:::::::*
splunk	splunk	4.0.7	cpe:2.3:a:splunk:splunk:4.0.7:::::::*
splunk	splunk	4.0.8	cpe:2.3:a:splunk:splunk:4.0.8:::::::*
splunk	splunk	4.0.9	cpe:2.3:a:splunk:splunk:4.0.9:::::::*

Rows per page:

1-10 of 131

References

www.splunk.com/view/SP-CAAAFGD

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

AI Score

Confidence

Low

EPSS

0.001

Percentile

49.0%

JSON

Related for CVE-2010-2504