A vulnerability has be found in Splunk 4.0 - 4.3 that allows partial confidentiality and integrity violation, when a user click on a specifically crafted link that can disclose sensitive information to the attacker. Splunk recommend consumers upgrade to version 4.3.1 and to follow its hardening standard  to mitigate the risk of exploitation.
Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu
Mar 7th 2012
8 years ago