Splunk Dashboard Cross-Site Scripting Vulnerability - Feb15 Network Vulnerability

Summary

The host is installed with Splunk and is prone to cross-site scripting vulnerability.

Impact

Successful exploitation will allow remote attackers to execute arbitrary HTML and script code in a user's browser session in the context of an affected site. Impact Level: Application

Solution

Upgrade to Splunk version 5.0.10 or 6.0.6 or 6.1.4 or later. For updates refer to http://www.splunk.com

Insight

Flaw is due improper validation of user-supplied input passed via the vector related to dashboard.

Affected

Splunk version 5.0.x before 5.0.10 and 6.0.x before 6.0.6 and 6.1.x before 6.1.4

Detection

Get the installed version with the help of detect NVT and check the version is vulnerable or not.

References

http://osvdb.org/112489
http://www.securitytracker.com/id/1030994
http://www.splunk.com/view/SP-CAAANHS#announce2

Updated on 2015-03-25

Severity

Classification

CVE CVE-2014-8302

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Apache mod_proxy_ajp Information Disclosure Vulnerability
2532|Gigs Directory Traversal And SQL Injection Multiple Vulnerabilities
Adobe ColdFusion Unspecified Information Disclosure Vulnerability
Apache Web Server Configuration File Environment Variable Local Buffer Overflow Vulnerability
AlienForm CGI script

Take action and discover your vulnerabilities