Open Redirect Vulnerability in Splunk Enterprise and Splunk Light
CVE-2016-4857

6.1MEDIUM

Key Information:

Vendor: Splunk
Status: Splunk Enterprise; Splunk Light
Vendor: CVE Published:; 12 May 2017

What is CVE-2016-4857?

An open redirect vulnerability exists in specific versions of Splunk Enterprise and Splunk Light, enabling attackers to redirect users to arbitrary websites. This flaw could be exploited to conduct phishing attacks, potentially deceiving users into providing sensitive information unknowingly. The vulnerability is present in Splunk Enterprise versions prior to 6.4.2, 6.3.6, and 6.2.11, as well as in Splunk Light prior to 6.4.2. Organizations using these versions are advised to update their software to mitigate risks associated with this vulnerability.

Affected Version(s)

Splunk Enterprise 6.4.x prior to 6.4.2

Splunk Enterprise 6.3.x prior to 6.3.6

Splunk Enterprise 6.2.x prior to 6.2.11

References

https://www.splunk.com/view/SP-CAAAPQM

x_refsource_CONFIRM

https://jvn.jp/en/jp/JVN39926655/index.html

third-party-advisoryx_refsource_JVN

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 12, 2017
Vulnerability Reserved
May 17, 2016