Unrated severityNVD Advisory· Published Jan 3, 2012· Updated Apr 29, 2026

CVE-2011-4642

Description

mappy.py in Splunk Web in Splunk 4.2.x before 4.2.5 does not properly restrict use of the mappy command to access Python classes, which allows remote authenticated administrators to execute arbitrary code by leveraging the sys module in a request to the search application, as demonstrated by a cross-site request forgery (CSRF) attack, aka SPL-45172.

Affected products

Splunk/Splunk5 versions
cpe:2.3:a:splunk:splunk:4.2:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:splunk:splunk:4.2:*:*:*:*:*:*:*
- cpe:2.3:a:splunk:splunk:4.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:splunk:splunk:4.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:splunk:splunk:4.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:splunk:splunk:4.2.4:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.exploit-db.com/exploits/18245/nvdExploit
www.sec-1.com/blog/nvdExploit
www.sec-1.com/blog/wp-content/uploads/2011/12/Attacking_Splunk_Release.pdfnvdExploit
www.splunk.com/view/SP-CAAAGMMnvdVendor Advisory
secunia.com/advisories/47232nvd
www.securitytracker.com/idnvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.015
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000