HTTP Request Injection Vulnerability in Splunk Web
CVE-2016-10126 · HIGH Severity
AV:N/AC:L/AU:N/C:C/I:C/A:C
Splunk Web in Splunk Enterprise 5.0.x before 5.0.17, 6.0.x before 6.0.13, 6.1.x before 6.1.12, 6.2.x before 6.2.12, 6.3.x before 6.3.8, and 6.4.x before 6.4.4 allows remote attackers to conduct HTTP request injection attacks and obtain sensitive REST API authentication-token information via unspecified vectors, aka SPL-128840.
Learn more about our Web App Pen Testing.