CVE-2016-4856 Splunk Enterprise and Light Multiple Vulnerabilities (SP-CAAAPN9)

Vulnerability category: CGI

Vulnerability severity:

Vulnerability information

Splunk Enterprise captures, indexes and correlates real-time data in a searchable repository from which it can generate graphs, reports, alerts, dashboards and visualizations.

Splunk Enterprise is affected by multiple cross-site scripting vulnerabilities:
Cross Site Scripting in Splunk Web (SPL-117191)
Cross Site Scripting in Splunk Web (SPL-115927)

Affected Versions:
Splunk Enterprise versions 6.4.x prior to 6.4.1 and 6.3.x before 6.3.5
Splunk Light versions 6.4.x prior to 6.4.1 and 6.3.x before 6.3.5

QID Detection Logic (Remote)
It checks for vulnerable versions of Splunk Enterprise and Light.

Vulnerability impact

An unauthenticated, remote attacker could exploit these vulnerabilities to execute arbitrary JavaScript code.

Solution

The vendor has released updated versions to fix these vulnerabilities. Please refer to SP-CAAAPN9 for more details.

Patch:
The following are links for downloading patches to fix the vulnerabilities:

SP-CAAAPN9
