PT-2018-18064 · Splunk · Splunk Enterprise+1

Publicado

2018-10-23

Atualizado

2018-12-10

CVE-2018-7429

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Splunk Enterprise versions 6.2.x through 6.2.13 Splunk Enterprise versions 6.3.x through 6.3.10 Splunk Enterprise versions 6.4.x through 6.4.7 Splunk Light versions prior to 6.5.0

Description The issue allows remote attackers to cause a denial of service via a malformed HTTP request.

Recommendations For Splunk Enterprise versions 6.2.x through 6.2.13, update to version 6.2.14 or later. For Splunk Enterprise versions 6.3.x through 6.3.10, update to version 6.3.11 or later. For Splunk Enterprise versions 6.4.x through 6.4.7, update to version 6.4.8 or later. For Splunk Light versions prior to 6.5.0, update to version 6.5.0 or later.

Correção

DoS

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-20

Identificadores relacionados

CVE-2018-7429

Produtos afetados

Splunk Enterprise

Splunk Light

PT-2018-18064 · Splunk · Splunk Enterprise+1

CVE-2018-7429

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3