First published: Fri May 06 2022(Updated: )
When handling a mismatched pre-authentication cookie, the application leaks the internal error message in the response, which contains the Splunk Enterprise local system path. The vulnerability impacts Splunk Enterprise versions before 8.1.0.
Credit: prodsec@splunk.com
Affected Software | Affected Version | How to fix |
---|---|---|
Splunk Splunk | <8.1.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.