The "runshellscript echo.sh" script in Splunk prior to 5.0.5 allows remote authenticated users to execute arbitrary commands via a crafted string. NOTE: this issue was SPLIT from CVE-2013-6771 per ADT2 due to different vulnerability types.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
splunk splunk |
||
splunk splunk 5.0.2 |
||
splunk splunk 5.0.1 |
||
splunk splunk 5.0 |
||
splunk splunk 5.0.3 |