===========================================================================
AUSCERT Security Bulletin

ASB-2014.0038
A vulnerability has been identified in Splunk prior to version 5.0.8
4 April 2014

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              Splunk
Operating System:     Windows
                      UNIX variants (UNIX, Linux, OSX)
Impact/Access:        Cross-site Scripting -- Remote with User Interaction
Resolution:           Patch/Upgrade
CVE Names:            CVE-2014-2578
Member content until: Sunday, May 4 2014

OVERVIEW

        A vulnerability has been identified in Splunk prior to version
        5.0.8. [1]

IMPACT

        The vendor has provided the following details regarding this
        vulnerability:

        "Splunk version 5.0.8 addresses the following vulnerability:

        * Reflective Cross Site Scripting (SPL-74017, CVE-2014-2578)

        At the time of this announcement, Splunk is not aware of any cases
        where this vulnerability has been actively exploited." [1]

        "Reflective Cross Site Scripting (SPL-74017, CVE-2014-2578)

        Description: A reflected cross-site scripting vulnerability was
        identified in Splunk Web. While this does not have direct impact on
        the Splunk server, an attacker could trick an authenticated Splunk
        Web user into clicking a maliciously crafted link (which may exist
        on any external page), enabling the attacker to execute arbitrary
        web script code in the victim's browser." [1]

MITIGATION

        The vendor recommends updating to the latest version of Splunk to
        correct this issue. [1]

REFERENCES

        [1] Splunk 5.0.8 addresses one vulnerability
            http://www.splunk.com/view/SP-CAAAKQX

AusCERT has made every effort to ensure that the information contained
in this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================