4.6

CVE-2011-4642

Exploit
mappy.py in Splunk Web in Splunk 4.2.x before 4.2.5 does not properly restrict use of the mappy command to access Python classes, which allows remote authenticated administrators to execute arbitrary code by leveraging the sys module in a request to the search application, as demonstrated by a cross-site request forgery (CSRF) attack, aka SPL-45172.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SplunkSplunk Version4.2
SplunkSplunk Version4.2.1
SplunkSplunk Version4.2.2
SplunkSplunk Version4.2.3
SplunkSplunk Version4.2.4
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 28.93% 0.979
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.6 3.9 6.4
AV:N/AC:H/Au:S/C:P/I:P/A:P
CWE-352 Cross-Site Request Forgery (CSRF)

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

http://secunia.com/advisories/47232
http://www.exploit-db.com/exploits/18245/
Exploit
http://www.sec-1.com/blog/?p=233
Exploit
http://www.sec-1.com/blog/wp-content/uploads/2011/12/Attacking_Splunk_Release.pdf
Exploit
http://www.securitytracker.com/id?1026451
http://www.splunk.com/view/SP-CAAAGMM
Vendor Advisory