Splunk response to Path Traversal vulnerability in Splunk Hadoop Connect App

Advisory ID: ERP-2041

CVE ID: -

Published: 2017-05-05

Last Update: 2017-05-12

CVSSv3.1 Score: -, High

CVSSv3.1 Vector: -

CWE: -

Bug ID: -

Description

Splunk response to Path Traversal vulnerability in Splunk Hadoop Connect App

  • Path Traversal vulnerability in Splunk Hadoop Connect App (ERP-2041)

At the time of this announcement, Splunk is not aware of any cases where these vulnerabilities have been actively exploited. Previous Product Security Announcements can be found on our Splunk Product Security Portal. Use SPL numbers when referencing issues in communication with Splunk. If there is no Common Vulnerabilities and Exposures (CVE) identifier listed with a vulnerability, it will be added once it is assigned by a CVE Numbering Authority. To standardize the calculation of severity scores for each vulnerability, when appropriate, Splunk uses Common Vulnerability Scoring System version 2 (CVSS v2).

Affected Products and Components

  • Path Traversal vulnerability in Splunk Hadoop Connect App (ERP-2041)
  • Affected Components: All versions of Splunk Hadoop Connect App before 1.2.5.

Mitigation and Upgrades

To mitigate this issue, Splunk recommends upgrading to Splunk Hadoop Connect App Version 1.2.5 or later.

The updated Splunk Hadoop Connect App introduces new access controls on the use of Splunk Hadoop Connect App to limit access to users in the admin role.

Vulnerability Descriptions and Ratings

Path Traversal vulnerability in Splunk Hadoop Connect App (ERP-2041)

Description: All versions of Splunk Hadoop Connect App before 1.2.5 are affected by a path traversal vulnerability that allows any authenticated Splunk user to potentially execute arbitrary code.

Credits: Splunk would like to thank Marek Cybul for reporting this issue.

CVSS Severity (version 2.0):

CVSS Base Score 8.5

CVSS Impact Subscore 10.0

CVSS Exploitability Subscore 6.8

Overall CVSS Score 7.3

Document History

  • 2017-Apr-05: Rev 1. Initial Release
  • 2017-Apr-12: Rev 2. Mitigation and Upgrades