CVE-2017-17067
Last modified
CVE-2017-17067 is a vulnerability of currently unknown severity. Splunk Web in Splunk Enterprise 7.0.x before 7.0.0.1, 6.6.x before 6.6.3.2, 6.5.x before 6.5.6, 6.4.x before 6.4.9, and 6.3.x before 6.3.12, when the SAML authType is enabled, mishandles SAML, which allows remote attackers to bypass intended access restrictions or conduct impersonation attacks.. EPSS estimates a 2.96% chance of exploitation in the next 30 days.
Description
Splunk Web in Splunk Enterprise 7.0.x before 7.0.0.1, 6.6.x before 6.6.3.2, 6.5.x before 6.5.6, 6.4.x before 6.4.9, and 6.3.x before 6.3.12, when the SAML authType is enabled, mishandles SAML, which allows remote attackers to bypass intended access restrictions or conduct impersonation attacks.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Splunk | Splunk | >= 6.3.0, < 6.3.12 |
| Splunk | Splunk | >= 6.4.0, < 6.4.9 |
| Splunk | Splunk | >= 6.5.0, < 6.5.6 |
| Splunk | Splunk | >= 6.6.0, < 6.6.3.2 |
| Splunk | Splunk | >= 7.0.0, < 7.0.0.1 |
References
- http://www.securityfocus.com/bid/102005Third Party Advisory, VDB Entry
- https://www.splunk.com/view/SP-CAAAP3KVendor Advisory
- http://www.securityfocus.com/bid/102005Third Party Advisory, VDB Entry
- https://www.splunk.com/view/SP-CAAAP3KVendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2017-17067?
How severe is CVE-2017-17067?
How do I fix CVE-2017-17067?
Are you affected by CVE-2017-17067?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST