1. CVE-Search
  2. CVE-2017-17067
ID CVE-2017-17067
Summary Splunk Web in Splunk Enterprise 7.0.x before 7.0.0.1, 6.6.x before 6.6.3.2, 6.5.x before 6.5.6, 6.4.x before 6.4.9, and 6.3.x before 6.3.12, when the SAML authType is enabled, mishandles SAML, which allows remote attackers to bypass intended access restrictions or conduct impersonation attacks.
References
Vulnerable Configurations
  • cpe:2.3:a:splunk:splunk:6.3.0:*:*:*:enterprise:*:*:*
    cpe:2.3:a:splunk:splunk:6.3.0:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:splunk:splunk:6.3.1:*:*:*:enterprise:*:*:*
    cpe:2.3:a:splunk:splunk:6.3.1:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:splunk:splunk:6.3.2:*:*:*:enterprise:*:*:*
    cpe:2.3:a:splunk:splunk:6.3.2:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:splunk:splunk:6.3.3:*:*:*:enterprise:*:*:*
    cpe:2.3:a:splunk:splunk:6.3.3:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:splunk:splunk:6.3.4:*:*:*:enterprise:*:*:*
    cpe:2.3:a:splunk:splunk:6.3.4:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:splunk:splunk:6.3.5:*:*:*:enterprise:*:*:*
    cpe:2.3:a:splunk:splunk:6.3.5:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:splunk:splunk:6.3.6:*:*:*:enterprise:*:*:*
    cpe:2.3:a:splunk:splunk:6.3.6:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:splunk:splunk:6.3.7:*:*:*:enterprise:*:*:*
    cpe:2.3:a:splunk:splunk:6.3.7:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:splunk:splunk:6.3.8:*:*:*:enterprise:*:*:*
    cpe:2.3:a:splunk:splunk:6.3.8:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:splunk:splunk:6.3.9:*:*:*:enterprise:*:*:*
    cpe:2.3:a:splunk:splunk:6.3.9:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:splunk:splunk:6.3.10:*:*:*:enterprise:*:*:*
    cpe:2.3:a:splunk:splunk:6.3.10:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:splunk:splunk:6.3.11:*:*:*:enterprise:*:*:*
    cpe:2.3:a:splunk:splunk:6.3.11:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:splunk:splunk:6.4.0:*:*:*:enterprise:*:*:*
    cpe:2.3:a:splunk:splunk:6.4.0:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:splunk:splunk:6.4.1:*:*:*:enterprise:*:*:*
    cpe:2.3:a:splunk:splunk:6.4.1:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:splunk:splunk:6.4.2:*:*:*:enterprise:*:*:*
    cpe:2.3:a:splunk:splunk:6.4.2:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:splunk:splunk:6.4.3:*:*:*:enterprise:*:*:*
    cpe:2.3:a:splunk:splunk:6.4.3:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:splunk:splunk:6.4.4:*:*:*:enterprise:*:*:*
    cpe:2.3:a:splunk:splunk:6.4.4:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:splunk:splunk:6.4.5:*:*:*:enterprise:*:*:*
    cpe:2.3:a:splunk:splunk:6.4.5:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:splunk:splunk:6.4.6:*:*:*:enterprise:*:*:*
    cpe:2.3:a:splunk:splunk:6.4.6:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:splunk:splunk:6.4.7:*:*:*:enterprise:*:*:*
    cpe:2.3:a:splunk:splunk:6.4.7:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:splunk:splunk:6.4.8:*:*:*:enterprise:*:*:*
    cpe:2.3:a:splunk:splunk:6.4.8:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:splunk:splunk:6.5.0:*:*:*:enterprise:*:*:*
    cpe:2.3:a:splunk:splunk:6.5.0:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:splunk:splunk:6.5.1:*:*:*:enterprise:*:*:*
    cpe:2.3:a:splunk:splunk:6.5.1:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:splunk:splunk:6.5.2:*:*:*:enterprise:*:*:*
    cpe:2.3:a:splunk:splunk:6.5.2:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:splunk:splunk:6.5.3:*:*:*:enterprise:*:*:*
    cpe:2.3:a:splunk:splunk:6.5.3:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:splunk:splunk:6.5.4:*:*:*:enterprise:*:*:*
    cpe:2.3:a:splunk:splunk:6.5.4:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:splunk:splunk:6.5.5:*:*:*:enterprise:*:*:*
    cpe:2.3:a:splunk:splunk:6.5.5:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:splunk:splunk:6.6.0:*:*:*:enterprise:*:*:*
    cpe:2.3:a:splunk:splunk:6.6.0:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:splunk:splunk:6.6.1:*:*:*:enterprise:*:*:*
    cpe:2.3:a:splunk:splunk:6.6.1:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:splunk:splunk:6.6.2:*:*:*:enterprise:*:*:*
    cpe:2.3:a:splunk:splunk:6.6.2:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:splunk:splunk:6.6.3:*:*:*:enterprise:*:*:*
    cpe:2.3:a:splunk:splunk:6.6.3:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:splunk:splunk:7.0.0:*:*:*:enterprise:*:*:*
    cpe:2.3:a:splunk:splunk:7.0.0:*:*:*:enterprise:*:*:*
CVSS
Base: 10.0 (as of 03-10-2019 - 00:03)
Impact:
Exploitability:
CWE CWE-863
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:C/I:C/A:C
refmap via4
bid 102005
confirm https://www.splunk.com/view/SP-CAAAP3K
Last major update 03-10-2019 - 00:03
Published 30-11-2017 - 02:29
Last modified 03-10-2019 - 00:03
Back to Top