Splunk Event Parsing Cross-Site Scripting Vulnerability - Feb15 Network Vulnerability

Summary

The host is installed with Splunk and is prone to cross-site scripting vulnerability.

Impact

Successful exploitation will allow remote attackers to execute arbitrary HTML and script code in a user's browser session in the context of an affected site. Impact Level: Application

Solution

Upgrade to Splunk version 6.0.6 or 6.1.4 or later. For updates refer to http://www.splunk.com

Insight

Flaw is due improper validation of user-supplied input passed via the vector related to event parsing.

Affected

Splunk version 6.0.x before 6.0.6 and 6.1.x before 6.1.4

Detection

Get the installed version with the help of detect NVT and check the version is vulnerable or not.

References

http://osvdb.org/112490
http://www.securitytracker.com/id/1030994
http://www.splunk.com/view/SP-CAAANHS#announce3

Updated on 2015-03-25

Severity

Classification

CVE CVE-2014-8303

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Apache Struts2 showcase namespace XSS Vulnerability
Apache Tomcat source.jsp malformed request information disclosure
Apache Tomcat 'sendfile' Request Attributes Information Disclosure Vulnerability
Allegro RomPager HTTP Referer Header Cross Site Scripting Vulnerability
Apache Tomcat NIO Connector Denial of Service Vulnerability

Take action and discover your vulnerabilities