SecurityTracker.com
Category:   Application (Generic)  >   Splunk
Vendors:   Splunk Inc.
Splunk 'Data Preview' Function Lets Remote Authenticated Users Traverse the Directory
SecurityTracker Alert ID:  1027476
SecurityTracker URL:  http://securitytracker.com/id/1027476
CVE Reference:   GENERIC-MAP-NOMATCH
Date:  Sep 4 2012
Impact:   Disclosure of system information, Disclosure of user information
Vendor Confirmed:  Yes
Exploit Included:  Yes
Version(s): 4.3.3 and prior versions
Description:   A vulnerability was reported in Splunk. A remote authenticated user can view files on the target system.

A remote authenticated administrative user can supply a specially crafted request to the 'Data Preview' function to view arbitrary files on the target system with the privileges of the splunkd process.

The vulnerable function is located in the 'Manager', 'Data Inputs', 'Files & Directories' menu.

The vendor was notified on August 3, 2012.

Marcio Almeida of CIPHER Intelligence Labs reported this vulnerability.

Impact:   A remote authenticated administrative user can view files on the target system.
Solution:   No solution was available at the time of this entry.

[Editor's note: The report notes that the vendor does not consider the Data Preview function's behavior to be a vulnerability.]

Vendor URL:  www.splunk.com/
Cause:   Access control error, Input validation error
Underlying OS:  Linux (Any), UNIX (AIX), UNIX (FreeBSD), UNIX (HP/UX), UNIX (macOS/OS X), UNIX (Solaris - SunOS), Windows (Any)

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Copyright 2020, SecurityGlobal.net LLC