PT-2020-7559 · Splunk+1 · Universal Forwarder+2
Published
2020-01-23
·
Updated
2020-01-27
·
CVE-2013-6773
CVSS v2.0
4.6
Medium
| Vector | AV:L/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions:
Splunk version 5.0.3
Description:
The issue allows an attacker to escalate privileges due to an Unquoted Service Path in Windows for Universal Forwarder.
Recommendations:
For version 5.0.3, update to a version that quotes the service path to prevent privilege escalation.
Fix
Improper Privilege Management
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Splunk
Universal Forwarder
Windows