Back to search
CVE-2017-17067
Published: Nov 30, 2017
Modified: Aug 5, 2024
PUBLISHED
Description
Splunk Web in Splunk Enterprise 7.0.x before 7.0.0.1, 6.6.x before 6.6.3.2, 6.5.x before 6.5.6, 6.4.x before 6.4.9, and 6.3.x before 6.3.12, when the SAML authType is enabled, mishandles SAML, which allows remote attackers to bypass intended access restrictions or conduct impersonation attacks.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
102005
vdb-entry
x_refsource_BID
https://www.splunk.com/view/SP-CAAAP3K
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now