CVE-2011-4644
EUVD-2011-456203.01.2012, 11:55
Splunk 4.2.5 and earlier, when a Free license is selected, enables potentially undesirable functionality within an environment that intentionally does not support authentication, which allows remote attackers to (1) read arbitrary files via a management-console session that leverages the ability to create crafted data sources, or (2) execute management commands via an HTTP request.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| splunk | splunk | 𝑥 ≤ 4.2.5 |
| splunk | splunk | 2.1 |
| splunk | splunk | 2.2 |
| splunk | splunk | 2.2.1 |
| splunk | splunk | 2.2.3 |
| splunk | splunk | 2.2.6 |
| splunk | splunk | 3.0 |
| splunk | splunk | 3.0.1 |
| splunk | splunk | 3.0.2 |
| splunk | splunk | 3.1 |
| splunk | splunk | 3.1.1 |
| splunk | splunk | 3.1.2 |
| splunk | splunk | 3.1.3 |
| splunk | splunk | 3.1.4 |
| splunk | splunk | 3.2 |
| splunk | splunk | 3.2.1 |
| splunk | splunk | 3.2.2 |
| splunk | splunk | 3.2.3 |
| splunk | splunk | 3.2.4 |
| splunk | splunk | 3.2.5 |
| splunk | splunk | 3.2.6 |
| splunk | splunk | 3.3 |
| splunk | splunk | 3.3.1 |
| splunk | splunk | 3.3.2 |
| splunk | splunk | 3.3.3 |
| splunk | splunk | 3.3.4 |
| splunk | splunk | 3.4 |
| splunk | splunk | 3.4.1 |
| splunk | splunk | 3.4.2 |
| splunk | splunk | 3.4.3 |
| splunk | splunk | 3.4.5 |
| splunk | splunk | 3.4.6 |
| splunk | splunk | 3.4.8 |
| splunk | splunk | 3.4.9 |
| splunk | splunk | 3.4.10 |
| splunk | splunk | 3.4.11 |
| splunk | splunk | 3.4.12 |
| splunk | splunk | 3.4.13 |
| splunk | splunk | 3.4.14 |
| splunk | splunk | 4.0 |
| splunk | splunk | 4.0.1 |
| splunk | splunk | 4.0.2 |
| splunk | splunk | 4.0.3 |
| splunk | splunk | 4.0.4 |
| splunk | splunk | 4.0.5 |
| splunk | splunk | 4.0.6 |
| splunk | splunk | 4.0.7 |
| splunk | splunk | 4.0.8 |
| splunk | splunk | 4.0.9 |
| splunk | splunk | 4.0.10 |
| splunk | splunk | 4.0.11 |
| splunk | splunk | 4.1 |
| splunk | splunk | 4.1.1 |
| splunk | splunk | 4.1.2 |
| splunk | splunk | 4.1.3 |
| splunk | splunk | 4.1.4 |
| splunk | splunk | 4.1.5 |
| splunk | splunk | 4.1.6 |
| splunk | splunk | 4.1.7 |
| splunk | splunk | 4.1.8 |
| splunk | splunk | 4.2 |
| splunk | splunk | 4.2.1 |
| splunk | splunk | 4.2.2 |
| splunk | splunk | 4.2.3 |
| splunk | splunk | 4.2.4 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References