CVE-2017-5607

Splunk Enterprise 5.0.x before 5.0.18, 6.0.x before 6.0.14, 6.1.x before 6.1.13, 6.2.x before 6.2.13.1, 6.3.x before 6.3.10, 6.4.x before 6.4.6, and 6.5.x before 6.5.3 and Splunk Light before 6.5.2 assigns the $C JS property to the global Window namespace, which might allow remote attackers to obtain sensitive logged-in username and version-related information via a crafted webpage.

| Provider | Type | Base Score | Atk. Vector | Atk. Complexity | Priv. Required | Vector |
|---|---|---|---|---|---|---|
| NIST | Primary | 3.5 LOW | NETWORK | LOW | LOW | CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N |

EPSS Score: Percentile: Unknown

Affected Products (NVD)

| Vendor | Product | Version |
|---|---|---|
| splunk | splunk | 𝑥 ≤ 6.5.1 |
| splunk | splunk | 5.0.0 ≤ 𝑥 < 5.0.18 |
| splunk | splunk | 6.0.0 ≤ 𝑥 < 6.0.14 |
| splunk | splunk | 6.1.0 ≤ 𝑥 < 6.1.13 |
| splunk | splunk | 6.2.0 ≤ 𝑥 < 6.2.13.1 |
| splunk | splunk | 6.3.0 ≤ 𝑥 < 6.3.10 |
| splunk | splunk | 6.4.0 ≤ 𝑥 < 6.4.6 |
| splunk | splunk | 6.5.0 ≤ 𝑥 < 6.5.3 |

𝑥 = Vulnerable software versions