PROBLEM:
Splunk Multiple Cross-Site Scripting and Denial of Service Vulnerabilities
PLATFORM:
Splunk versions 4.3.5 and 5.0
ABSTRACT:
Splunk is prone to multiple vulnerabilities
REFERENCE LINKS:
SecurityTracker Alert ID: 1027785
SecurityTracker Alert ID: 1027784
Bugtraq ID: 56581
Secunia Advisory SA51337
Secunia Advisory SA51351
Splunk Vulnerability Descriptions
IMPACT ASSESSMENT:
Medium
DISCUSSION:
Splunk is prone to multiple cross-site scripting vulnerabilities and a denial-of-service vulnerability because it fails to properly handle user-supplied input.
An attacker may leverage these issues to cause denial-of-service conditions or to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
IMPACT:
Some vulnerabilities have been reported in Splunk, which can be exploited by malicious people to conduct cross-site scripting attacks and cause a DoS (Denial of Service).
SOLUTION:
Splunk recommends that all vulnerable instances of Splunk be updated to the latest release.