Vulnerability Details CVE-2010-3322
The XML parser in Splunk 4.0.0 through 4.1.4 allows remote authenticated users to obtain sensitive information and gain privileges via an XML External Entity (XXE) attack to unknown vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 67.5%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.0
Products affected by CVE-2010-3322
-
cpe:2.3:a:splunk:splunk:4.0
-
cpe:2.3:a:splunk:splunk:4.0.1
-
cpe:2.3:a:splunk:splunk:4.0.10
-
cpe:2.3:a:splunk:splunk:4.0.11
-
cpe:2.3:a:splunk:splunk:4.0.2
-
cpe:2.3:a:splunk:splunk:4.0.3
-
cpe:2.3:a:splunk:splunk:4.0.4
-
cpe:2.3:a:splunk:splunk:4.0.5
-
cpe:2.3:a:splunk:splunk:4.0.6
-
cpe:2.3:a:splunk:splunk:4.0.7
-
cpe:2.3:a:splunk:splunk:4.0.8
-
cpe:2.3:a:splunk:splunk:4.0.9
-
cpe:2.3:a:splunk:splunk:4.1
-
cpe:2.3:a:splunk:splunk:4.1.1
-
cpe:2.3:a:splunk:splunk:4.1.2
-
cpe:2.3:a:splunk:splunk:4.1.3
-
cpe:2.3:a:splunk:splunk:4.1.4