Medium severity4.8NVD Advisory· Published Aug 5, 2017· Updated Jun 17, 2026
CVE-2017-12572
CVE-2017-12572
Description
Persistent Cross Site Scripting (XSS) exists in Splunk Enterprise 6.5.x before 6.5.2, 6.4.x before 6.4.6, and 6.3.x before 6.3.9 and Splunk Light before 6.5.2, with exploitation requiring administrative access, aka SPL-134104.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
21cpe:2.3:a:splunk:splunk:6.3.0:*:*:*:enterprise:*:*:*+ 18 more
- cpe:2.3:a:splunk:splunk:6.3.0:*:*:*:enterprise:*:*:*
- cpe:2.3:a:splunk:splunk:6.3.1:*:*:*:enterprise:*:*:*
- cpe:2.3:a:splunk:splunk:6.3.2:*:*:*:enterprise:*:*:*
- cpe:2.3:a:splunk:splunk:6.3.3:*:*:*:enterprise:*:*:*
- cpe:2.3:a:splunk:splunk:6.3.4:*:*:*:enterprise:*:*:*
- cpe:2.3:a:splunk:splunk:6.3.5:*:*:*:enterprise:*:*:*
- cpe:2.3:a:splunk:splunk:6.3.6:*:*:*:enterprise:*:*:*
- cpe:2.3:a:splunk:splunk:6.3.7:*:*:*:enterprise:*:*:*
- cpe:2.3:a:splunk:splunk:6.3.8:*:*:*:enterprise:*:*:*
- cpe:2.3:a:splunk:splunk:6.4.0:*:*:*:enterprise:*:*:*
- cpe:2.3:a:splunk:splunk:6.4.1:*:*:*:enterprise:*:*:*
- cpe:2.3:a:splunk:splunk:6.4.2:*:*:*:enterprise:*:*:*
- cpe:2.3:a:splunk:splunk:6.4.3:*:*:*:enterprise:*:*:*
- cpe:2.3:a:splunk:splunk:6.4.4:*:*:*:enterprise:*:*:*
- cpe:2.3:a:splunk:splunk:6.4.5:*:*:*:enterprise:*:*:*
- cpe:2.3:a:splunk:splunk:6.5.0:*:*:*:enterprise:*:*:*
- cpe:2.3:a:splunk:splunk:6.5.0:*:*:*:light:*:*:*
- cpe:2.3:a:splunk:splunk:6.5.1:*:*:*:enterprise:*:*:*
- cpe:2.3:a:splunk:splunk:6.5.1:*:*:*:light:*:*:*
- Range: <6.5.2, <6.4.6, <6.3.9
- Range: <6.5.2
Patches
Vulnerability mechanics
References
1- www.splunk.com/view/SP-CAAAPYCnvdVendor Advisory
News mentions
0No linked articles in our index yet.