VYPR
Unrated severityNVD Advisory· Published May 6, 2022· Updated Aug 3, 2024

Error message discloses internal path

CVE-2022-26070

Description

When handling a mismatched pre-authentication cookie, the application leaks the internal error message in the response, which contains the Splunk Enterprise local system path. The vulnerability impacts Splunk Enterprise versions before 8.1.0.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Splunk/Splunk Enterprisellm-fuzzy2 versions
    <8.1.0+ 1 more
    • (no CPE)range: <8.1.0
    • (no CPE)range: Version(s) before 8.1.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.