Lucene search
K

4 matches found

CVE
CVE
added 2022/11/04 10:19 p.m.81 views

CVE-2022-43562

CVE-2022-43562 | Splunk Enterprise : The issue is a Host header validation/escaping flaw in Splunk Enterprise versions below 8.1.12, 8.2.9, and 9.0.2. A remote authenticated user could exploit this to perform attacks such as cross-site scripting and cache poisoning. Root cause is improper handlin...

5.4CVSS4.3AI score0.00412EPSS
Exploits0References1Affected Software2
Vulnrichment
Vulnrichment
added 2022/11/04 10:19 p.m.12 views

CVE-2022-43562 Host Header Injection in Splunk Enterprise

In Splunk Enterprise versions below 8.1.12, 8.2.9, and 9.0.2, Splunk Enterprise fails to properly validate and escape the Host header, which could let a remote authenticated user conduct various attacks against the system, including cross-site scripting and cache poisoning...

3CVSS6AI score0.00412EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/11/04 10:19 p.m.23 views

CVE-2022-43562 Host Header Injection in Splunk Enterprise

In Splunk Enterprise versions below 8.1.12, 8.2.9, and 9.0.2, Splunk Enterprise fails to properly validate and escape the Host header, which could let a remote authenticated user conduct various attacks against the system, including cross-site scripting and cache poisoning...

3CVSS5.3AI score0.00412EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2022/11/03 12:0 a.m.28 views

Splunk Enterprise 8.1 < 8.1.12, 8.2.0 < 8.2.9, 9.0.0 < 9.0.2 (SVD-2022-1102)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2022-1102 advisory. - In Splunk Enterprise versions below 8.1.12, 8.2.9, and 9.0.2, Splunk Enterprise fails to properly validate and escape the Hos...

5.4CVSS5.4AI score0.00412EPSS
Exploits0References2
Rows per page
Query Builder