PT-2014-3198 · Splunk · Splunk

Gerhard Muntingh

Publicado

2014-04-03

Atualizado

2014-08-07

CVE-2013-6771

CVSS v2.0

9.3

Alta

Vetor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Splunk versions prior to 5.0.5

Description The issue allows remote attackers to execute arbitrary commands, potentially leading to remote code execution. This is due to a directory traversal vulnerability in the collect script, which can be exploited by including a .. (dot dot) in the file parameter.

Recommendations For versions prior to 5.0.5, update to version 5.0.5 or later to resolve the issue. As a temporary workaround, consider restricting access to the collect script to minimize the risk of exploitation. Avoid using the file parameter with untrusted input in the collect script until the issue is resolved.

Correção

RCE

Path traversal

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-22

Identificadores relacionados

CVE-2013-6771

ZDI-14-052

ZDI-14-053

Produtos afetados

Splunk

PT-2014-3198 · Splunk · Splunk

CVE-2013-6771

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6