Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5.3
CVSSv3

CVE-2018-11409

Published: 08/06/2018 Updated: 31/07/2018
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 5.3 | Impact Score: 1.4 | Exploitability Score: 3.9
VMScore: 506
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Subscribe to Splunk

Vulnerability Summary

Splunk up to and including 7.0.1 allows information disclosure by appending __raw/services/server/info/server-info?output_mode=json to a query, as demonstrated by discovering a license key.

Vulnerable Product Search on Vulmon Subscribe to Product

splunk splunk

Exploits

Exploit DB: Splunk < 7.0.1 - Information Disclosure
# Exploit Title: Splunk &lt; 701 - Information Disclosure # Date: 2018-05-23 # Exploit Author: KoF2002 # Vendor Homepage: wwwsplunkcom/ # Version: 623 - 701 MAYBE ALL VERSION AFFECTED # Tested on: Linux OS # CVE : CVE-2018-11409 # Splunk through 623 701 allows information disclosure by appending # /__raw/services/server/info/ser ...
Exploit DB: Splunk 6.2.3 / 7.0.1 Information Disclosure
Splunk versions 623 through 701 suffer from an information disclosure vulnerability ...

Github Repositories

https://github.com/kofa2002/splunk

splunk enterprise information disclosure

splunk Exploit Title: [information disclosure] Google Dork: [n/r] Date: [23/05/2018] Exploit Author: [KoF2002] Vendor Homepage: [wwwsplunkcom/] Software Link: [] Version: [623 - 701 MAYBE ALL VERSION AFFECTED] Tested on: [linux os] CVE : [CVE-2018-11409] [Attack Type] [Remote] Splunk through 623 701 allows information disclosure by appending /__raw/services/se

https://github.com/jam620/OSIN-Splunk

Investigación leve sobre Splunk en lo salvaje

OSINT de Splunk con Shodan Autor: José Moreno Recientemente he estado retomando un poco la búsquedas de vulnerabilidades principalmente para no olvidar las técnicas de reconocimiento que todos debemos dominar, en mi caso siempre trato de buscar sobre los temas de moda o que están sonando en las tendencias de seguridad informática Me encontr&e

References

CWE-200https://github.com/kofa2002/splunkhttps://www.exploit-db.com/exploits/44865/http://www.securitytracker.com/id/1041148https://nvd.nist.govhttps://github.com/kofa2002/splunkhttps://www.exploit-db.com/exploits/44865/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
IMAPCVE-2024-4367server-side request forgeryinformation disclosureCVE-2024-34342CVE-2024-4281CVE-2024-3507CVE-2024-25560CVE-2024-34574
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook