Lucene search
K

133 matches found

CNVD
CNVD
added 2016/08/25 12:0 a.m.3 views

Splunk Web Open Redirect Vulnerability

Splunk is a suite of data collection and analysis software from Splunk, Inc. in the United States. The software is primarily used to collect, index, and analyze machine-generated data, including data generated by all IT systems and infrastructures physical, virtual, and cloud.Splunk Web is one of...

6.1CVSS6.7AI score0.01432EPSS
Exploits0References1
CNVD
CNVD
added 2016/08/01 12:0 a.m.3 views

Splunk Web Open Redirect Vulnerability

Splunk is a suite of data collection and analysis software from Splunk, Inc. in the United States. The software is primarily used to collect, index, and analyze machine-generated data, including data generated by all IT systems and infrastructures physical, virtual, and cloud.Splunk Web is one of...

6.1CVSS6.7AI score0.00812EPSS
Exploits0References1
NVD
NVD
added 2015/09/29 7:59 p.m.24 views

CVE-2015-7604

Cross-site scripting XSS vulnerability in Splunk Web in Splunk Enterprise 6.2.x before 6.2.6 and Splunk Light 6.2.x before 6.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.7AI score0.0095EPSS
Exploits0References2
CVE
CVE
added 2015/09/29 7:0 p.m.54 views

CVE-2015-7604

The CVE-2015-7604 entry concerns Splunk Web in Splunk Enterprise 6.2.x prior to 6.2.6 and Splunk Light 6.2.x prior to 6.2.6, where an XSS flaw allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Affected component: Splunk Web in the 6.2.x line. Root cause detai...

4.3CVSS5.8AI score0.0095EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2015/08/18 3:59 p.m.16 views

Cross site scripting

Cross-site scripting XSS vulnerability in Splunk Web in Splunk Enterprise 6.2.x before 6.2.4, 6.1.x before 6.1.8, 6.0.x before 6.0.9, and 5.0.x before 5.0.13 and Splunk Light 6.2.x before 6.2.4 allows remote attackers to inject arbitrary web script or HTML via a header...

4.3CVSS6.1AI score0.0136EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2015/08/18 3:0 p.m.44 views

CVE-2015-6515

CVE-2015-6515 involves an XSS flaw in Splunk Web for Splunk Enterprise (versions 6.2.x before 6.2.4, 6.1.x before 6.1.8, 6.0.x before 6.0.9, 5.0.x before 5.0.13) and Splunk Light 6.2.x before 6.2.4. The vulnerability allows remote attackers to inject arbitrary web script or HTML via an HTTP heade...

4.3CVSS5.8AI score0.0136EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2015/08/18 3:0 p.m.27 views

CVE-2015-6515

Cross-site scripting XSS vulnerability in Splunk Web in Splunk Enterprise 6.2.x before 6.2.4, 6.1.x before 6.1.8, 6.0.x before 6.0.9, and 5.0.x before 5.0.13 and Splunk Light 6.2.x before 6.2.4 allows remote attackers to inject arbitrary web script or HTML via a header...

5.7AI score0.0136EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/03/13 12:0 a.m.181 views

Splunk Enterprise 6.2.x < 6.2.2 Multiple Vulnerabilities (FREAK)

According to its version number, the Splunk Enterprise hosted on the remote web server is version 6.2.x prior to 6.2.2. It is, therefore, affected by the following vulnerabilities : - A flaw exists with ECDH handshakes when using an ECDSA certificate without a ServerKeyExchange message. This allo...

5CVSS7.4AI score0.98685EPSS
Exploits0References4
NVD
NVD
added 2014/10/16 7:55 p.m.15 views

CVE-2014-8303

Cross-site scripting XSS vulnerability in Splunk Web in Splunk Enterprise 6.1.x before 6.1.4 and 6.0.x before 6.0.6 allows remote attackers to inject arbitrary web script or HTML via vectors related to event parsing...

4.3CVSS5.6AI score0.01351EPSS
Exploits0References2
NVD
NVD
added 2014/10/16 7:55 p.m.22 views

CVE-2014-8301

Cross-site scripting XSS vulnerability in Splunk Web in Splunk Enterprise 5.0.x before 5.0.10 allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer header...

4.3CVSS5.7AI score0.00942EPSS
Exploits0References1
Prion
Prion
added 2014/10/16 7:55 p.m.23 views

Cross site scripting

Cross-site scripting XSS vulnerability in Splunk Web in Splunk Enterprise 5.0.x before 5.0.10 allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer header...

4.3CVSS6.1AI score0.00942EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2014/10/16 7:0 p.m.30 views

CVE-2014-8303

Cross-site scripting XSS vulnerability in Splunk Web in Splunk Enterprise 6.1.x before 6.1.4 and 6.0.x before 6.0.6 allows remote attackers to inject arbitrary web script or HTML via vectors related to event parsing...

5.6AI score0.01351EPSS
Exploits0References2
CVE
CVE
added 2014/10/16 7:0 p.m.56 views

CVE-2014-8301

CVE-2014-8301 is a cross-site scripting (XSS) vulnerability in Splunk Web of Splunk Enterprise 5.0.x prior to 5.0.10. The issue arises from improper handling/validation of the HTTP Referer header, allowing remote attackers to inject arbitrary web script or HTML into a user’s browser session. The ...

4.3CVSS5.8AI score0.00942EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2014/10/16 7:0 p.m.56 views

CVE-2014-8302

CVE-2014-8302 is a documented cross-site scripting (XSS) vulnerability in Splunk Web for Splunk Enterprise. Affected are Splunk Web dashboards in: 6.1.x before 6.1.4, 6.0.x before 6.0.6, and 5.0.x before 5.0.10. The issue arises from improper validation in the dashboard-related components, allowi...

3.5CVSS5.8AI score0.00759EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2014/10/16 7:0 p.m.50 views

CVE-2014-8303

CVE-2014-8303 is a documented cross-site scripting (XSS) vulnerability in Splunk Web for Splunk Enterprise 6.1.x before 6.1.4 and 6.0.x before 6.0.6. The issue allows a remote attacker to inject arbitrary web script or HTML via vectors related to event parsing. The NVD entry provides a base score...

4.3CVSS5.7AI score0.01351EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2014/08/12 8:55 p.m.21 views

Cross site scripting

Cross-site scripting XSS vulnerability in Splunk Web in Splunk Enterprise 6.1.x before 6.1.3 allows remote attackers to inject arbitrary web script or HTML via the Referer HTTP header...

4.3CVSS6.1AI score0.01773EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2014/08/12 8:0 p.m.53 views

CVE-2014-5198

The CVE-2014-5198 entry concerns Splunk Enterprise 6.1.x prior to 6.1.3 where an XSS vulnerability exists in Splunk Web. The root cause is improper handling/validation of the Referer header, allowing remote attackers to inject arbitrary web script or HTML in the victim’s browser. Affected compone...

4.3CVSS5.8AI score0.01773EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2014/04/02 4:6 p.m.18 views

Cross site scripting

Cross-site scripting XSS vulnerability in Splunk Web in Splunk before 5.0.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6.1AI score0.01823EPSS
Exploits0References5Affected Software1
Prion
Prion
added 2014/01/23 3:55 p.m.17 views

Cross site scripting

Cross-site scripting XSS vulnerability in Splunk Web in Splunk 5.0.0 through 5.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6.1AI score0.01808EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2014/01/23 3:0 p.m.59 views

CVE-2012-6447

Concretely, CVE-2012-6447 affects Splunk Web in Splunk 5.0.0–5.0.2, where a cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary script/HTML via unspecified vectors. The issue is mitigated by upgrading to a fixed release (e.g., Splunk 5.0.3 or later) as indicated b...

4.3CVSS5.8AI score0.01808EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder