Splunk Referer Header Cross-Site Scripting Vulnerability Network Vulnerability

Summary

This host is installed with Splunk and is prone to cross-site scripting vulnerability.

Impact

Successful exploitation will allow attacker to execute arbitrary HTML and script code in a user's browser session in the context of an affected site. Impact Level: Application

Solution

Upgrade to version 6.1.3 or later, For updates refer to http://www.splunk.com/download

Insight

Input passed via the Referer header in HTTP GET is not properly sanitized before being returned to the user

Affected

Splunk Version 6.1.x before 6.1.3

Detection

Send a crafted data via HTTP GET request and check whether it is able to read cookie or not.

References

http://packetstormsecurity.com/files/126813
http://secunia.com/advisories/59940
http://www.securitytracker.com/id/1030690
http://www.splunk.com/view/SP-CAAAM9H

Updated on 2015-03-25

Severity

Classification

CVE CVE-2014-5198

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Apache Subversion Module Metadata Accessible
AMSI 'file' Parameter Directory Traversal Vulnerability
AjaXplorer 'doc_file' Parameter Local File Disclosure Vulnerability
Apache OFBiz Multiple Cross Site Scripting Vulnerabilities
Apache Tomcat HTTP BIO Connector Information Disclosure Vulnerability

Take action and discover your vulnerabilities