CVE-2010-3322

Name of the Vulnerable Software and Affected Versions Splunk versions 4.0.0 through 4.1.4

Description The XML parser in Splunk allows remote authenticated users to obtain sensitive information and gain privileges via an XML External Entity (XXE) attack. This issue affects the XML parser, which can be exploited to gain unauthorized access to sensitive data.

Recommendations For Splunk versions 4.0.0 through 4.1.4, update to a version that fixes the XML External Entity (XXE) vulnerability to prevent remote authenticated users from obtaining sensitive information and gaining privileges. At the moment, there is no information about a newer version that contains a fix for this vulnerability.