VYPR
Get started
← All advisories
Medium severity4.8NVD Advisory· Published Aug 5, 2017· Updated May 13, 2026

CVE-2017-12572

CVE-2017-12572

Description

Persistent Cross Site Scripting (XSS) exists in Splunk Enterprise 6.5.x before 6.5.2, 6.4.x before 6.4.6, and 6.3.x before 6.3.9 and Splunk Light before 6.5.2, with exploitation requiring administrative access, aka SPL-134104.

Affected products

19
  • Splunk/Splunk19 versions
    cpe:2.3:a:splunk:splunk:6.3.0:*:*:*:enterprise:*:*:*+ 18 more
    • cpe:2.3:a:splunk:splunk:6.3.0:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.3.1:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.3.2:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.3.3:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.3.4:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.3.5:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.3.6:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.3.7:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.3.8:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.4.0:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.4.1:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.4.2:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.4.3:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.4.4:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.4.5:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.5.0:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.5.0:*:*:*:light:*:*:*
    • cpe:2.3:a:splunk:splunk:6.5.1:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:splunk:splunk:6.5.1:*:*:*:light:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

News mentions

0

No linked articles in our index yet.