Open redirect vulnerability in Splunk Enterprise 6.4.x prior to 6.4.3, Splunk Enterprise 6.3.x prior to 6.3.6, Splunk Enterprise 6.2.x prior to 6.2.10, Splunk Enterprise 6.1.x prior to 6.1.11, Splunk Enterprise 6.0.x prior to 6.0.12, Splunk Enterprise 5.0.x prior to 5.0.16 and Splunk Light prior to 6.4.3 allows to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/92603 | Third Party Advisory VDB Entry |
https://jvn.jp/en/jp/JVN64800312/index.html | Third Party Advisory VDB Entry |
https://www.splunk.com/view/SP-CAAAPQ6 | Vendor Advisory |
http://www.securityfocus.com/bid/92603 | Third Party Advisory VDB Entry |
https://jvn.jp/en/jp/JVN64800312/index.html | Third Party Advisory VDB Entry |
https://www.splunk.com/view/SP-CAAAPQ6 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 02:53
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.securityfocus.com/bid/92603 - Third Party Advisory, VDB Entry | |
References | () https://jvn.jp/en/jp/JVN64800312/index.html - Third Party Advisory, VDB Entry | |
References | () https://www.splunk.com/view/SP-CAAAPQ6 - Vendor Advisory |
Information
Published : 2017-05-12 18:29
Updated : 2024-11-21 02:53
NVD link : CVE-2016-4859
Mitre link : CVE-2016-4859
CVE.ORG link : CVE-2016-4859
JSON object : View
Products Affected
splunk
- splunk
CWE
CWE-601
URL Redirection to Untrusted Site ('Open Redirect')