virus logo Intrusion Prevention

Splunk.5.Custom.App.Remote.Code.Execution

description-logoDescription

This indicates an attack attempt against an arbitrary File Upload vulnerability in Splunk.
The vulnerability is caused by an error when the vulnerable software handles a malicious customer app. It allows an authorized user to upload an arbitrary app and execute it.

affected-products-logoAffected Products

Splunk Splunk 5.0

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Currently we are unaware of any vendor supplied patch for this issue.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

References

http://blog.7elements.co.uk/2012/11/splunk-with-great-power-comes-great-responsibility.html
ID 34166
Created Dec 31, 2012
Updated Mar 21, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
CVE ID
Default Action drop
Active
Affected OS Windows, Linux
Affected App Other