CVE-2016-10126 in Enterpriseinfo

Summary

Splunk Web in Splunk Enterprise 5.0.x before 5.0.17, 6.0.x before 6.0.13, 6.1.x before 6.1.12, 6.2.x before 6.2.12, 6.3.x before 6.3.8, and 6.4.x before 6.4.4 allows remote attackers to conduct HTTP request injection attacks and obtain sensitive REST API authentication-token information via unspecified vectors, aka SPL-128840.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Reservation

01/09/2017

Disclosure

01/10/2017

Moderation

VulDB entry created

Entries

1: VDB-95112

CPE

ready

CWE

CWE-264 (Confirmed)

CVSS

8.5

EPSS

0.01373

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-10126
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-10126
CVE Details	https://www.cvedetails.com/cve/CVE-2016-10126/

◂ Previous Overview Next ▸

Do you need the next level of professionalism?

Upgrade your account now!