Cross site request forgery (csrf)

2018-10-2321:31:00

PRIOn knowledge base

www.prio-n.com

7.4 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

65.7%

JSON

Splunkd in Splunk Enterprise 6.2.x before 6.2.14 6.3.x before 6.3.11, and 6.4.x before 6.4.8; and Splunk Light before 6.5.0 allow remote attackers to cause a denial of service via a malformed HTTP request.

CPENameOperatorVersion
splunkge6.2.0
splunklt6.2.14
splunklt6.5.0
splunkge6.3.0
splunklt6.3.11
splunkge6.4.0
splunklt6.4.8

Name	Operator	Version
splunk	ge	6.2.0
splunk	lt	6.2.14
splunk	lt	6.5.0
splunk	ge	6.3.0
splunk	lt	6.3.11
splunk	ge	6.4.0
splunk	lt	6.4.8

References

www.splunk.com/view/SP-CAAAP5T