Lucene search
MitreCVELIST:CVE-2011-4642HistoryJan 03, 2012 - 11:00 a.m.
CVE-2011-4642
2012-01-0311:00:00
mitre
www.cve.org
mappy.py in Splunk Web in Splunk 4.2.x before 4.2.5 does not properly restrict use of the mappy command to access Python classes, which allows remote authenticated administrators to execute arbitrary code by leveraging the sys module in a request to the search application, as demonstrated by a cross-site request forgery (CSRF) attack, aka SPL-45172.
Related
saint
saint
Splunk Search Jobs Remote Code Execution
2012-01-13 00:00:00
Splunk Search Jobs Remote Code Execution
2012-01-13 00:00:00
Splunk Search Jobs Remote Code Execution
2012-01-13 00:00:00
prion
prion
Cross site request forgery (csrf)
2012-01-03 11:55:00
packetstorm
packetstorm
Splunk Search Remote Code Execution
2011-12-23 00:00:00
cve
cve
CVE-2011-4642
2012-01-03 11:55:03
CVE-2011-4779
2022-10-03 16:15:14
nvd
nvd
CVE-2011-4642
2012-01-03 11:55:03
CVE-2011-4779
2011-12-20 15:55:01
openvas
openvas
Splunk 4.0 - 4.2.4 Multiple Vulnerabilities - Active Check
2011-12-22 00:00:00