Multiple directory traversal vulnerabilities in Splunk 4.x prior to 4.2.5 allow remote authenticated users to read arbitrary files via a .. (dot dot) in a URI to (1) Splunk Web or (2) the Splunkd HTTP Server, aka SPL-45243.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
splunk splunk 4.0 |
||
splunk splunk 4.0.1 |
||
splunk splunk 4.0.9 |
||
splunk splunk 4.0.10 |
||
splunk splunk 4.1.5 |
||
splunk splunk 4.1.6 |
||
splunk splunk 4.2.4 |
||
splunk splunk 4.0.5 |
||
splunk splunk 4.0.6 |
||
splunk splunk 4.1.1 |
||
splunk splunk 4.1.2 |
||
splunk splunk 4.2 |
||
splunk splunk 4.2.1 |
||
splunk splunk 4.0.2 |
||
splunk splunk 4.0.3 |
||
splunk splunk 4.0.4 |
||
splunk splunk 4.0.11 |
||
splunk splunk 4.1 |
||
splunk splunk 4.1.7 |
||
splunk splunk 4.1.8 |
||
splunk splunk 4.0.7 |
||
splunk splunk 4.0.8 |
||
splunk splunk 4.1.3 |
||
splunk splunk 4.1.4 |
||
splunk splunk 4.2.2 |
||
splunk splunk 4.2.3 |