4.6 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
22.7%
When handling a mismatched pre-authentication cookie, the application leaks the internal error message in the response, which contains the Splunk Enterprise local system path. The vulnerability impacts Splunk Enterprise versions before 8.1.0.
www.splunk.com/en_us/product-security/announcements/svd-2022-0507.html