CVE-2010-3323 - CERT CVE

  1. CVE-2010-3323

ID CVE-2010-3323
Sažetak Splunk 4.0.0 through 4.1.4 allows remote attackers to conduct session hijacking attacks and obtain the splunkd session key via vectors related to the SPLUNKD_SESSION_KEY parameter.
Reference
CVSS
Base: 4.6
Impact: 6.4
Exploitability:3.9
Pristup
VektorSloženostAutentikacija
NETWORK HIGH SINGLE
Impact
PovjerljivostCjelovitostDostupnost
PARTIAL PARTIAL PARTIAL
CVSS vektor AV:N/AC:H/Au:S/C:P/I:P/A:P
Zadnje važnije ažuriranje 14-09-2010 - 17:00
Objavljeno 14-09-2010 - 17:00