58 matches found
CVE-2017-5880
Splunk Web in Splunk Enterprise versions 6.5.x before 6.5.2, 6.4.x before 6.4.5, 6.3.x before 6.3.9, 6.2.x before 6.2.13, 6.1.x before 6.1.12, 6.0.x before 6.0.13, 5.0.x before 5.0.17 and Splunk Light versions before 6.5.2 allows remote authenticated users to cause a denial of service daemon cras...
CVE-2017-5880
CVE-2017-5880 affects Splunk Web in Splunk Enterprise versions 6.5.x before 6.5.2, 6.4.x before 6.4.5, 6.3.x before 6.3.9, 6.2.x before 6.2.13, 6.1.x before 6.1.12, 6.0.x before 6.0.13, 5.0.x before 5.0.17 and Splunk Light before 6.5.2. It allows remote authenticated users to cause a denial of se...
Splunk Light Python Vulnerabilities
Splunk Light is prone to multiple vulnerabilities in Python. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:splunk:light"; if...
Splunk Light 6.3.x < 6.3.5 XSS Vulnerability
Splunk Light is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:splunk:light";...
Splunk Light Multiple Vulnerabilities
Splunk Light is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:splunk:light"; if description...
Splunk Enterprise and Splunk Light vulnerable to cross-site scripting
Overview Splunk Enterprise and Splunk Light contain a cross-site scripting vulnerability CWE-79. Note that this vulnerability is different from JVN71462075. Noriaki Iwasaki of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...
Splunk Enterprise and Splunk Light vulnerable to open redirect
Overview Splunk Enterprise and Splunk Light contain an open redirect vulnerability. Note that this vulnerability is different from JVN39926655. Noriaki Iwasaki of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security...
Splunk Enterprise and Splunk Light vulnerable to open redirect
Overview Splunk Enterprise and Splunk Light contain an open redirect vulnerability. Note that this vulnerability is different from JVN64800312. Noriaki Iwasaki of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security...
Splunk Light Open Redirection Vulnerability
Splunk Light is prone to an open redirection vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:splunk:light";...
Splunk Light Remote Detection
Detects the installed version of Splunk Light. This script sends an HTTP GET request and tries to get the version from the response. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
Splunk Enterprise Cross-Site Scripting Vulnerability (CNVD-2015-06521)
Splunk Enterprise is an enterprise-grade log analytics software that runs in Unix environments. A cross-site scripting vulnerability in Splunk Enterprise version 6.2.x prior to 6.2.6 and Splunk Light version 6.2.x prior to 6.2.6 allows remote attackers to inject arbitrary web script or HTML via...
CVE-2015-7604
The CVE-2015-7604 entry concerns Splunk Web in Splunk Enterprise 6.2.x prior to 6.2.6 and Splunk Light 6.2.x prior to 6.2.6, where an XSS flaw allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Affected component: Splunk Web in the 6.2.x line. Root cause detai...
Splunk Enterprise and Splunk Light Web Cross-Site Scripting Vulnerabilities
Splunk is a suite of data collection and analysis software. The software is primarily used to collect, index and analyze machine-generated data, including data generated by all IT systems and infrastructure. A cross-site scripting vulnerability exists in Splunk Enterprise and Splunk Light in the...
CVE-2015-6514
Cross-site scripting XSS vulnerability in the Dashboard in Splunk Enterprise 6.2.x before 6.2.4 and Splunk Light 6.2.x before 6.2.4 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in Splunk Web in Splunk Enterprise 6.2.x before 6.2.4, 6.1.x before 6.1.8, 6.0.x before 6.0.9, and 5.0.x before 5.0.13 and Splunk Light 6.2.x before 6.2.4 allows remote attackers to inject arbitrary web script or HTML via a header...
CVE-2015-6514
CVE-2015-6514 affects the Dashboard component of Splunk Enterprise 6.2.x (before 6.2.4) and Splunk Light 6.2.x (before 6.2.4). The root cause is a Cross-Site Scripting (XSS) vulnerability that could allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. E...
CVE-2015-6514
Cross-site scripting XSS vulnerability in the Dashboard in Splunk Enterprise 6.2.x before 6.2.4 and Splunk Light 6.2.x before 6.2.4 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...
Splunk Enterprise and Splunk Light Input Validation Cross-Site Scripting Vulnerability
Splunk is the engine of machine data. Splunk collects, indexes, and utilizes fast-moving computer data generated by all applications, servers, and devices. Splunk suffers from a cross-site scripting vulnerability that could be exploited by a remote attacker to inject malicious script or HTML code...