VYPR
Get started
← All advisories
Critical severity9.8NVD Advisory· Published Jan 10, 2017· Updated May 6, 2026

CVE-2016-10126

CVE-2016-10126

Description

Splunk Web in Splunk Enterprise 5.0.x before 5.0.17, 6.0.x before 6.0.13, 6.1.x before 6.1.12, 6.2.x before 6.2.12, 6.3.x before 6.3.8, and 6.4.x before 6.4.4 allows remote attackers to conduct HTTP request injection attacks and obtain sensitive REST API authentication-token information via unspecified vectors, aka SPL-128840.

Affected products

66
  • Splunk/Splunk66 versions
    cpe:2.3:a:splunk:splunk:5.0.0:*:*:*:enterprise:*:*:*+ 65 more
    • cpe:2.3:a:splunk:splunk:5.0.0:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:5.0.10:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:5.0.11:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:5.0.12:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:5.0.13:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:5.0.14:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:5.0.15:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:5.0.16:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:5.0.1:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:5.0.2:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:5.0.3:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:5.0.4:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:5.0.5:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:5.0.6:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:5.0.7:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:5.0.8:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:5.0.9:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.0.0:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.0.10:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.0.11:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.0.12:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.0.1:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.0.2:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.0.3:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.0.4:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.0.5:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.0.6:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.0.7:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.0.8:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.0.9:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.1.0:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.1.10:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.1.11:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.1.1:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.1.2:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.1.3:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.1.4:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.1.5:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.1.6:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.1.7:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.1.8:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.1.9:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.2.0:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.2.10:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.2.11:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.2.1:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.2.2:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.2.3:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.2.4:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.2.5:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.2.6:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.2.7:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.2.8:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.2.9:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.3.0:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.3.1:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.3.2:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.3.3:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.3.4:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.3.5:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.3.6:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.3.7:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.4.0:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.4.1:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.4.2:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.4.3:*:*:*:enterprise:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

2

News mentions

0

No linked articles in our index yet.