Vulnerability Details : CVE-2017-5607
Splunk Enterprise 5.0.x before 5.0.18, 6.0.x before 6.0.14, 6.1.x before 6.1.13, 6.2.x before 6.2.13.1, 6.3.x before 6.3.10, 6.4.x before 6.4.6, and 6.5.x before 6.5.3 and Splunk Light before 6.5.2 assigns the $C JS property to the global Window namespace, which might allow remote attackers to obtain sensitive logged-in username and version-related information via a crafted webpage.
Vulnerability category: Information leak
Products affected by CVE-2017-5607
- cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*
- cpe:2.3:a:splunk:splunk:*:*:*:*:light:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2017-5607
- EPSS score: 1.44% (probability of exploitation activity in the next 30 days)
- EPSS percentile: ~87% (the proportion of vulnerabilities that are scored at or below this value)
CVSS scores for CVE-2017-5607
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
3.5 | LOW | AV:N/AC:M/Au:S/C:P/I:N/A:N | 6.8 | 2.9 | NIST | |
3.5 | LOW | CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N | 2.1 | 1.4 | NIST | |
CWE ids for CVE-2017-5607
- The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. Assigned by: nvd@nist.gov (Primary)
References for CVE-2017-5607
- http://www.securitytracker.com/id/1038170 : Splunk Bugs Let Remote Users Obtain Potentially Sensitive Information and Remote Authenticated Users Conduct Cross-Site Scripting Attacks (SecurityTracker; Third Party Advisory; VDB Entry)
- https://www.splunk.com/view/SP-CAAAPZ3#InformationLeakageviaJavaScriptCVE20175607 : Splunk Enterprise 6.5.3, 6.2.13.1 and Splunk Light 6.5.2 address multiple vulnerabilities (Splunk; Vendor Advisory)
- http://www.securityfocus.com/bid/97286 : Splunk Enterprise HTML Injection Vulnerability (Third Party Advisory; VDB Entry)
- http://seclists.org/fulldisclosure/2017/Mar/89 : Full Disclosure: Splunk Enterprise Information Theft - CVE-2017-5607 (Exploit; Mailing List; Third Party Advisory)
- https://www.exploit-db.com/exploits/41779/ : Splunk Enterprise - Information Disclosure (Exploit; Third Party Advisory; VDB Entry)
- http://www.securityfocus.com/archive/1/540346/100/0/threaded : SecurityFocus (Exploit; VDB Entry; Third Party Advisory)
- http://www.securityfocus.com/bid/97265 : Splunk Enterprise CVE-2017-5607 Information Disclosure Vulnerability (Third Party Advisory; VDB Entry)
- http://hyp3rlinx.altervista.org/advisories/SPLUNK-ENTERPRISE-INFORMATION-THEFT.txt (Exploit; Third Party Advisory)