Splunk Enterprise 5.0.x before 5.0.18, 6.0.x before 6.0.14, 6.1.x before 6.1.13, 6.2.x before 6.2.13.1, 6.3.x before 6.3.10, 6.4.x before 6.4.6, and 6.5.x before 6.5.3 and Splunk Light before 6.5.2 assigns the $C JS property to the global Window namespace, which might allow remote attackers to obtain sensitive logged-in username and version-related information via a crafted webpage.
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
| Link | Tags |
|---|---|
| http://www.securitytracker.com/id/1038170 | third party advisory vdb entry |
| https://www.exploit-db.com/exploits/41779/ | third party advisory vdb entry exploit |
| http://hyp3rlinx.altervista.org/advisories/SPLUNK-ENTERPRISE-INFORMATION-THEFT.txt | third party advisory exploit |
| http://www.securityfocus.com/bid/97286 | third party advisory vdb entry |
| http://seclists.org/fulldisclosure/2017/Mar/89 | mailing list third party advisory exploit |
| https://www.splunk.com/view/SP-CAAAPZ3#InformationLeakageviaJavaScriptCVE20175607 | vendor advisory |
| http://www.securityfocus.com/archive/1/540346/100/0/threaded | mailing list third party advisory vdb entry exploit |
| http://www.securityfocus.com/bid/97265 | third party advisory vdb entry |