Splunk Enterprise < 5.0.18 / 6.0.14 / 6.1.13 / 6.2.13.1 / 6.3.10 / 6.4.6 / 6.5.3 / Splunk Light < 6.5.3 Multiple Vulnerabilities

low Nessus Plugin ID 99235

Synopsis

An application running on the remote web server is affected by multiple vulnerabilities.

Description

According to its self-reported version number, the version of Splunk running on the remote web server is Splunk Light 6.5.x prior to 6.5.3 or Splunk Enterprise 5.0.x prior to 5.0.18, 6.0.x prior to 6.0.14, 6.1.x prior to 6.1.13, 6.2.x prior to 6.2.13.1, 6.3.x prior to 6.3.10, 6.4.x prior to 6.4.6, or 6.5.x prior to 6.5.3. It is, therefore, affected by multiple vulnerabilities:

- An information disclosure vulnerability exists due to various system information being assigned to the global window property '$C' when a request is made to '/en-US/config?autoload=1'. An unauthenticated, remote attacker can exploit this, by convincing a user to visit a specially crafted web page, to disclose sensitive information. (CVE-2017-5607)

- A stored cross-site scripting (XSS) vulnerability exists in the web interface due to improper validation of unspecified input before returning it to users. An authenticated, remote attacker can exploit this, via a specially crafted request, to execute arbitrary script code in a user's browser session.

- Multiple cross-site scripting (XSS) vulnerabilities exist due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit these vulnerabilities, via a specially crafted request, to execute arbitrary script code in a user's browser session. Note that these vulnerabilities only affect Splunk Enterprise 6.4.x prior to 6.4.7 and Splunk Light 6.5.x prior to 6.5.3.

- An error message spoofing vulnerability exists that allows an unauthenticated, remote attacker to spoof the contents of error messages by convincing a user to visit a specially crafted website.

Solution

Upgrade to Splunk Enterprise version 5.0.18 / 6.0.14 / 6.1.13 / 6.2.13.1 / 6.3.10 / 6.4.6 / 6.5.3 or later.

See Also

https://www.splunk.com/view/SP-CAAAPZ3

https://www.splunk.com/view/SP-CAAAP2K

https://www.splunk.com/view/SP-CAAAP2U

Plugin Details

Severity: Low

ID: 99235

File Name: splunk_653.nasl

Version: 1.11

Type: remote

Family: CGI abuses

Published: 4/6/2017

Updated: 11/13/2019

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 2.2

CVSS v2

Risk Factor: Low

Base Score: 3.5

Temporal Score: 2.7

Vector: CVSS2#AV:N/AC:M/Au:S/C:P/I:N/A:N

CVSS Score Source: CVE-2017-5607

CVSS v3

Risk Factor: Low

Base Score: 3.5

Temporal Score: 3.2

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:splunk:splunk

Required KB Items: installed_sw/Splunk

Exploit Available: true

Exploit Ease: No exploit is required

Patch Publication Date: 3/27/2017

Vulnerability Publication Date: 3/27/2017

Reference Information

CVE: CVE-2017-5607

BID: 97265, 97286, 98989