CVE-2016-4857

Published: May 12, 2017

Modified: Aug 6, 2024

PUBLISHED

Description

Open redirect vulnerability in Splunk Enterprise 6.4.x prior to 6.4.2, Splunk Enterprise 6.3.x prior to 6.3.6, Splunk Enterprise 6.2.x prior to 6.2.11 and Splunk Light prior to 6.4.2 allows to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

Vendor	Product	Versions
Splunk Inc.	Splunk Enterprise	affected `6.4.x prior to 6.4.2` affected `6.3.x prior to 6.3.6` affected `6.2.x prior to 6.2.11`
Splunk Inc.	Splunk Light	affected `prior to 6.4.2`

References

https://www.splunk.com/view/SP-CAAAPQM

x_refsource_CONFIRM

JVN#39926655

third-party-advisory

x_refsource_JVN

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2016-4857

Description

Affected Products

References