CVE-2017-5880

Name of the Vulnerable Software and Affected Versions Splunk Enterprise versions 6.5.x before 6.5.2 Splunk Enterprise versions 6.4.x before 6.4.5 Splunk Enterprise versions 6.3.x before 6.3.9 Splunk Enterprise versions 6.2.x before 6.2.13 Splunk Enterprise versions 6.1.x before 6.1.12 Splunk Enterprise versions 6.0.x before 6.0.13 Splunk Enterprise versions 5.0.x before 5.0.17 Splunk Light versions before 6.5.2

Description The issue allows remote authenticated users to cause a denial of service via a crafted GET request. This can lead to a daemon crash in Splunk Web.

Recommendations For Splunk Enterprise versions 6.5.x before 6.5.2, update to version 6.5.2 or later. For Splunk Enterprise versions 6.4.x before 6.4.5, update to version 6.4.5 or later. For Splunk Enterprise versions 6.3.x before 6.3.9, update to version 6.3.9 or later. For Splunk Enterprise versions 6.2.x before 6.2.13, update to version 6.2.13 or later. For Splunk Enterprise versions 6.1.x before 6.1.12, update to version 6.1.12 or later. For Splunk Enterprise versions 6.0.x before 6.0.13, update to version 6.0.13 or later. For Splunk Enterprise versions 5.0.x before 5.0.17, update to version 5.0.17 or later. For Splunk Light versions before 6.5.2, update to version 6.5.2 or later.