V-028: Splunk Multiple Cross-Site Scripting and Denial of Service Vulnerabilities

November 20, 2012 - 2:00am

PROBLEM:

Splunk Multiple Cross-Site Scripting and Denial of Service Vulnerabilities

PLATFORM:

Splunk versions 4.3.5 and 5.0

ABSTRACT:

Splunk is prone to multiple vulnerabilities.

REFERENCE LINKS:

SecurityTracker Alert ID: 1027785
SecurityTracker Alert ID: 1027784
Bugtraq ID: 56581
Secunia Advisory SA51337
Secunia Advisory SA51351
Splunk Vulnerability Descriptions

IMPACT ASSESSMENT:

Medium

DISCUSSION:

Splunk is prone to multiple cross-site scripting vulnerabilities and a denial-of-service vulnerability because it fails to properly handle user-supplied input.

An attacker may leverage these issues to cause denial-of-service conditions or to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

IMPACT:

Some vulnerabilities have been reported in Splunk, which can be exploited by malicious people to conduct cross-site scripting attacks and cause a DoS (Denial of Service).

SOLUTION:

Splunk recommends that all vulnerable instances of Splunk be updated to the latest release.
