PT-2018-10552 · Splunk · Splunk

Kof2002

Published

2018-06-08

Updated

2018-07-31

CVE-2018-11409

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions Splunk versions prior to 7.0.1

Description The issue allows information disclosure by appending "/api/v1/server/info/server-info?output mode=json" to a query. This can be used to discover sensitive information, such as a license key.

Recommendations For versions prior to 7.0.1, consider restricting access to the "/api/v1/server/info/server-info" endpoint to minimize the risk of exploitation. Avoid using the output mode parameter with the value json in the affected API endpoint until the issue is resolved.

Exploit

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2018-11409

Affected Products

Splunk

PT-2018-10552 · Splunk · Splunk

CVE-2018-11409

Weakness Enumeration

Related Identifiers

Affected Products

References · 6