Vulnerabilities > Splunk > Splunk > 4.1.4
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-09-14 | CVE-2010-3323 | Unspecified vulnerability in Splunk Splunk 4.0.0 through 4.1.4 allows remote attackers to conduct session hijacking attacks and obtain the splunkd session key via vectors related to the SPLUNKD_SESSION_KEY parameter. | 4.6 |
2010-09-14 | CVE-2010-3322 | XXE vulnerability in Splunk The XML parser in Splunk 4.0.0 through 4.1.4 allows remote authenticated users to obtain sensitive information and gain privileges via an XML External Entity (XXE) attack to unknown vectors. | 8.8 |