CVE-2010-2504 - Unspecified vulnerability in Splunk

ID

ID

CVE-2010-2504
Last update

Last update

2010-06-29
Published

Published

2010-06-28
Summary

Summary

Splunk 4.0 through 4.0.10 and 4.1 through 4.1.1 allows remote authenticated users to obtain sensitive information via HTTP header injection, aka SPL-31066.
Vulnerable Configurations

Vulnerable Configurations

CVSS

CVSS

Base: 6.0 (as of 29-06-2010 - 04:00)
Impact: n/a
Exploitability: n/a
CWE

CWE

CAPEC

CAPEC

Access

Access

Vector Complexity Authentication
NETWORK MEDIUM SINGLE
Impact

Impact

Confidentiality Integrity Availability
PARTIAL PARTIAL PARTIAL
Refmap

Refmap

confirmhttp://www.splunk.com/view/SP-CAAAFGD
References

References