CVE-2016-4857

Summary

Open redirect vulnerability in Splunk Enterprise 6.4.x prior to 6.4.2, Splunk Enterprise 6.3.x prior to 6.3.6, Splunk Enterprise 6.2.x prior to 6.2.11 and Splunk Light prior to 6.4.2 allows to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

Affected Software

VendorProductVersion RangeStatus
Splunk Inc.Splunk Enterprise6.4.x prior to 6.4.2affected
Splunk Inc.Splunk Enterprise6.3.x prior to 6.3.6affected
Splunk Inc.Splunk Enterprise6.2.x prior to 6.2.11affected
Splunk Inc.Splunk Lightprior to 6.4.2affected

Weaknesses

  • Open Redirect

ADP Enrichment

CVE Program Container

Additional References

References