CVE-2017-5880

medium

Splunk

CVSS v3 Base Score

6.5

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS Score

0.6%

Exploitation probability in 30 days

Top 32% most likely to be exploited

Attack Characteristics

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Confidentiality

None

Integrity

None

Availability

High

Published: February 4, 2017 (3387 days ago)

Last Modified: May 13, 2026

Vendor: Splunk

Source: NVD

Description

Splunk Web in Splunk Enterprise versions 6.5.x before 6.5.2, 6.4.x before 6.4.5, 6.3.x before 6.3.9, 6.2.x before 6.2.13, 6.1.x before 6.1.12, 6.0.x before 6.0.13, 5.0.x before 5.0.17 and Splunk Light versions before 6.5.2 allows remote authenticated users to cause a denial of service (daemon crash) via a crafted GET request, aka SPL-130279.

CWE

CWE-20

Affected Products

splunk splunk

References

🔗 www.splunk.com 🔗 www.splunk.com

CVE-2017-5880

Vulnerability Report

Description

CWE

Affected Products

References