CVE-2010-3323

Medium

4.6/10

Summary

Splunk 4.0.0 through 4.1.4 allows remote attackers to conduct session hijacking attacks and obtain the splunkd session key via vectors related to the SPLUNKD_SESSION_KEY parameter.

Access Complexity: HIGH
AccessVector: NETWORK
Authentication: SINGLE
Integrity Impact: PARTIAL
Confidentiality Impact: PARTIAL
Availability Impact: PARTIAL

References

Advisory Timeline

Published Sep 14, 2010

CVE-2010-3323

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS