Splunk 6.1.2 Enterprise Edition
Approved changes feed: RSS · Atom
cpe:2.3:a:splunk:splunk:6.1.2:*:*:*:enterprise:*:*:*
part: a version: 6.1.2 update: *
| Vendor | Splunk (0f7ef08f-e3f5-59a4-ba5f-26afb7835b46) |
|---|---|
| Product | Splunk (22a1d8ad-9b0f-51c8-ad24-657c0c14204c) |
| Edition | * |
| Language | * |
| Software edition | enterprise |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2017-5880 |
vulnerable | 2026-06-03 14:37:26.558145 |
Details available
Splunk Web in Splunk Enterprise versions 6.5.x before 6.5.2, 6.4.x before 6.4.5, 6.3.x before 6.3.9, 6.2.x before 6.2.13, 6.1.x before 6.1.12, 6.0.x before 6.0.13, 5.0.x before 5.0.17 and Splunk Light versions before 6.5.2 allows remote authenticated users to cause a denial of service (daemon crash) via a crafted GET request, aka SPL-130279.
Published: 2017-02-04T05:20:00.000Z
Updated: 2024-08-05T15:11:48.737Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-4859 |
vulnerable | 2026-06-03 14:35:53.597497 |
Details available
Open redirect vulnerability in Splunk Enterprise 6.4.x prior to 6.4.3, Splunk Enterprise 6.3.x prior to 6.3.6, Splunk Enterprise 6.2.x prior to 6.2.10, Splunk Enterprise 6.1.x prior to 6.1.11, Splunk Enterprise 6.0.x prior to 6.0.12, Splunk Enterprise 5.0.x prior to 5.0.16 and Splunk Light prior to 6.4.3 allows to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
Published: 2017-05-12T18:00:00.000Z
Updated: 2024-08-06T00:46:38.464Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-4858 |
vulnerable | 2026-06-03 14:35:53.590157 |
Details available
Cross-site scripting vulnerability in Splunk Enterprise 6.4.x prior to 6.4.2, Splunk Enterprise 6.3.x prior to 6.3.6, Splunk Enterprise 6.2.x prior to 6.2.10, Splunk Enterprise 6.1.x prior to 6.1.11, Splunk Enterprise 6.0.x prior to 6.0.12, Splunk Enterprise 5.0.x prior to 5.0.16 and Splunk Light prior to 6.4.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Published: 2017-05-12T18:00:00.000Z
Updated: 2024-08-06T00:46:38.458Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-10126 |
vulnerable | 2026-06-03 14:35:23.428427 |
Details available
Splunk Web in Splunk Enterprise 5.0.x before 5.0.17, 6.0.x before 6.0.13, 6.1.x before 6.1.12, 6.2.x before 6.2.12, 6.3.x before 6.3.8, and 6.4.x before 6.4.4 allows remote attackers to conduct HTTP request injection attacks and obtain sensitive REST API authentication-token information via unspecified vectors, aka SPL-128840.
Published: 2017-01-10T11:00:00.000Z
Updated: 2024-08-06T03:14:41.308Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2015-6515 |
vulnerable | 2026-06-03 14:35:02.378056 |
Details available
Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enterprise 6.2.x before 6.2.4, 6.1.x before 6.1.8, 6.0.x before 6.0.9, and 5.0.x before 5.0.13 and Splunk Light 6.2.x before 6.2.4 allows remote attackers to inject arbitrary web script or HTML via a header.
Published: 2015-08-18T15:00:00.000Z
Updated: 2024-09-16T17:38:14.848Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-8303 |
vulnerable | 2026-06-03 14:34:23.540836 |
Details available
Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enterprise 6.1.x before 6.1.4 and 6.0.x before 6.0.6 allows remote attackers to inject arbitrary web script or HTML via vectors related to event parsing.
Published: 2014-10-16T19:00:00.000Z
Updated: 2024-09-16T19:51:38.121Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-8302 |
vulnerable | 2026-06-03 14:34:23.539780 |
Details available
Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enterprise 6.1.x before 6.1.4, 6.0.x before 6.0.6, and 5.0.x before 5.0.10 allows remote attackers to inject arbitrary web script or HTML via vectors related to dashboard.
Published: 2014-10-16T19:00:00.000Z
Updated: 2024-09-16T16:43:09.591Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-5198 |
vulnerable | 2026-06-03 14:34:05.634307 |
Details available
Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enterprise 6.1.x before 6.1.3 allows remote attackers to inject arbitrary web script or HTML via the Referer HTTP header.
Published: 2014-08-12T20:00:00.000Z
Updated: 2024-09-16T18:12:54.478Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-5197 |
vulnerable | 2026-06-03 14:34:05.633729 |
Details available
Directory traversal vulnerability in (1) Splunk Web or the (2) Splunkd HTTP Server in Splunk Enterprise 6.1.x before 6.1.3 allows remote authenticated users to read arbitrary files via a .. (dot dot) in a URI, related to search ids.
Published: 2014-08-12T20:00:00.000Z
Updated: 2024-09-17T01:36:58.756Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.