CVE-2011-4643

medium Splunk
CVSS v3 Base Score
4.0
AV:N/AC:L/Au:S/C:P/I:N/A:N
EPSS Score
9.3%
Exploitation probability in 30 days
Top 7% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Confidentiality
P
Integrity
None
Availability
None
Published: January 3, 2012 (5245 days ago)
Last Modified: April 29, 2026
Vendor: Splunk
Source: NVD

Description

Multiple directory traversal vulnerabilities in Splunk 4.x before 4.2.5 allow remote authenticated users to read arbitrary files via a .. (dot dot) in a URI to (1) Splunk Web or (2) the Splunkd HTTP Server, aka SPL-45243.

CWE

CWE-22

Affected Products

splunk splunk

References

🔗 secunia.com 🔗 www.exploit-db.com 🔗 www.sec-1.com 🔗 www.sec-1.com 🔗 www.securitytracker.com