CVE-2017-12572

medium

Splunk

CVSS v3 Base Score

4.8

CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

EPSS Score

0.3%

Exploitation probability in 30 days

Top 51% most likely to be exploited

Attack Characteristics

Attack Vector

Network

Attack Complexity

Low

Privileges Required

High

User Interaction

Required

Confidentiality

Low

Integrity

Low

Availability

None

Published: August 5, 2017 (3204 days ago)

Last Modified: May 13, 2026

Vendor: Splunk

Source: NVD

Description

Persistent Cross Site Scripting (XSS) exists in Splunk Enterprise 6.5.x before 6.5.2, 6.4.x before 6.4.6, and 6.3.x before 6.3.9 and Splunk Light before 6.5.2, with exploitation requiring administrative access, aka SPL-134104.

CWE

CWE-79

Affected Products

splunk splunk

References

🔗 www.splunk.com 🔗 www.splunk.com

CVE-2017-12572

Vulnerability Report

Description

CWE

Affected Products

References