Lucene search
HistoryOct 03, 2022 - 4:15 p.m.
CVE-2015-6514
cve-2015-6514
cross-site scripting
xss
splunk
enterprise
splunk light
security vulnerability
remote code injection
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.4 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
46.1%
Cross-site scripting (XSS) vulnerability in the Dashboard in Splunk Enterprise 6.2.x before 6.2.4 and Splunk Light 6.2.x before 6.2.4 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Affected configurations
Node
splunksplunkMatch6.2.0enterprise
ORsplunksplunkMatch6.2.0light
ORsplunksplunkMatch6.2.1enterprise
ORsplunksplunkMatch6.2.1light
ORsplunksplunkMatch6.2.2enterprise
ORsplunksplunkMatch6.2.2light
ORsplunksplunkMatch6.2.3enterprise
ORsplunksplunkMatch6.2.3light
| CPE | Name | Operator | Version |
|---|---|---|---|
| splunk:splunk | splunk | eq | 6.2.0 |
| splunk:splunk | splunk | eq | 6.2.1 |
| splunk:splunk | splunk | eq | 6.2.2 |
| splunk:splunk | splunk | eq | 6.2.3 |
Related
nvd
nvd
CVE-2015-6514
2015-08-18 15:59:15
cvelist
cvelist
CVE-2015-6514
2022-10-03 16:15:53
prion
prion
Cross site scripting
2015-08-18 15:59:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.4 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
46.1%
Related for CVE-2015-6514