cve-2016-10126
Vulnerability from cvelistv5
Published
2017-01-10 11:00
Modified
2024-08-06 03:14
Severity ?
Summary
Splunk Web in Splunk Enterprise 5.0.x before 5.0.17, 6.0.x before 6.0.13, 6.1.x before 6.1.12, 6.2.x before 6.2.12, 6.3.x before 6.3.8, and 6.4.x before 6.4.4 allows remote attackers to conduct HTTP request injection attacks and obtain sensitive REST API authentication-token information via unspecified vectors, aka SPL-128840.
References
cve@mitre.orghttp://www.securityfocus.com/bid/95412
cve@mitre.orghttps://www.splunk.com/view/SP-CAAAPSRMitigation, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/95412
af854a3a-2127-422b-91ae-364da2661108https://www.splunk.com/view/SP-CAAAPSRMitigation, Vendor Advisory
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T03:14:41.308Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.splunk.com/view/SP-CAAAPSR"
          },
          {
            "name": "95412",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/95412"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-11-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Splunk Web in Splunk Enterprise 5.0.x before 5.0.17, 6.0.x before 6.0.13, 6.1.x before 6.1.12, 6.2.x before 6.2.12, 6.3.x before 6.3.8, and 6.4.x before 6.4.4 allows remote attackers to conduct HTTP request injection attacks and obtain sensitive REST API authentication-token information via unspecified vectors, aka SPL-128840."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-01-16T10:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.splunk.com/view/SP-CAAAPSR"
        },
        {
          "name": "95412",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/95412"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-10126",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Splunk Web in Splunk Enterprise 5.0.x before 5.0.17, 6.0.x before 6.0.13, 6.1.x before 6.1.12, 6.2.x before 6.2.12, 6.3.x before 6.3.8, and 6.4.x before 6.4.4 allows remote attackers to conduct HTTP request injection attacks and obtain sensitive REST API authentication-token information via unspecified vectors, aka SPL-128840."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.splunk.com/view/SP-CAAAPSR",
              "refsource": "CONFIRM",
              "url": "https://www.splunk.com/view/SP-CAAAPSR"
            },
            {
              "name": "95412",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/95412"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-10126",
    "datePublished": "2017-01-10T11:00:00",
    "dateReserved": "2017-01-09T00:00:00",
    "dateUpdated": "2024-08-06T03:14:41.308Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:5.0.0:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"DE14A0C1-C94A-48CD-80C6-89574C07379A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:5.0.1:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"DA88AC99-F676-4FAB-AC4E-1B40A85560D6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:5.0.2:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"128F43BB-BB71-489A-A385-3654E745CE34\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:5.0.3:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"81FEC811-BC9A-4C24-ABDC-89506EBC5F68\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:5.0.4:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"2AE1409C-D8DC-472C-9BCA-45D40B0ED836\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:5.0.5:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"DDC8A279-A04D-4410-A77E-6C45F63E13F3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:5.0.6:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"FFA99D49-F384-414E-84C2-04A0498C3764\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:5.0.7:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"DF3EFE0C-3737-4BEA-B68F-46BD50F484D2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:5.0.8:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"7EB21D87-CC00-44A6-BDFB-78116FF26E2B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:5.0.9:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"E3452254-79B9-43A6-91FD-AF4112FFC709\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:5.0.10:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"E5CCF6AE-4994-46DD-BE0E-E8DB14332E0E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:5.0.11:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"FDCF8506-6FCF-44DC-A7AD-9179B461A23D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:5.0.12:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"F8AA782A-2B5D-40C9-B5C0-044188576DCE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:5.0.13:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"80DFCCD0-45E3-49E5-B4D2-7309306E62BA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:5.0.14:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"B2983933-1E0E-4409-9EB4-035C80A26333\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:5.0.15:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"E73FD956-361A-4A16-8395-EB043780933E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:5.0.16:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"BB3630C5-9917-4D6C-8E1D-087C03A542D9\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:6.0.0:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"9EF63812-8482-4EC2-97CF-BEC5E27A3367\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:6.0.1:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"FF70BF2B-16A6-48B8-9AEF-1198E6FBB7EB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:6.0.2:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"AE4A31E6-E4CA-4C92-BEF6-649800B0EF94\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:6.0.3:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"81D51853-0D47-4034-83E6-FB46A6E9F2AA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:6.0.4:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"06418BAD-EF0C-42F9-A2A3-FD232D9882B9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:6.0.5:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"E2772D7D-B15D-42D4-AC32-DC9A005163E3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:6.0.6:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"6188A7A1-76EE-493B-9A38-3564AAAB64F7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:6.0.7:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"4142BA91-F26B-4DD0-933A-1BB1AAB587AC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:6.0.8:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"2D0D8841-7BB4-4A2B-891A-84302EE45640\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:6.0.9:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"24767341-D913-4A59-8496-AE2429696279\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:6.0.10:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"7E38696A-9486-4922-8B9C-798FB8BC5360\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:6.0.11:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"C2AA1ED2-FCD5-4E98-B4FF-C8FBE8DDA284\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:6.0.12:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"5D6DD223-CCA1-4C59-80AC-BF9E67479A22\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:6.1.0:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"D645FC12-C7BD-4D2E-9ACB-509D3DEA73AC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:6.1.1:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"BE618334-8239-42DB-9F79-DE9241AEBF5C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:6.1.2:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"D3764A91-2A1C-4076-8F2C-ECED2FFD15DB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:6.1.3:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"C9BF3278-84C0-46CE-9CB4-952D0361A117\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:6.1.4:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"FA1023E7-B6E3-49C2-BE70-34441FEC2CF7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:6.1.5:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"A9A34A7A-7AE4-4372-805B-165D8890B0EF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:6.1.6:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"29DDC4B6-7832-4CA1-B872-41202ADA3CF5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:6.1.7:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"E9E747FC-558F-4CD5-9BE1-0CFEC01A679A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:6.1.8:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"BEA15E6A-4C34-46C4-8AA7-CC695116364D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:6.1.9:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"6A629D3A-04FB-4C7A-B490-4A2E2E38DBA0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:6.1.10:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"72163879-BC1B-4F61-B441-014909940F99\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:6.1.11:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"C7365CA4-4730-4ED7-B69C-E9FACB160442\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:6.2.0:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"6A1B5DB3-86EE-43D5-8FA2-C62CB0F1589B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:6.2.1:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"1AD74B94-BA4C-4679-AD80-AB268F930800\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:6.2.2:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"F6B51A1C-15FA-4F09-BEC0-2365EA1B2320\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:6.2.3:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"3DF8E96E-9A0C-4865-9891-6FF686FAFC10\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:6.2.4:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"3E86FB3D-CD13-45CD-9D2C-C66C171D6D1E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:6.2.5:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"7C568818-BFF9-4262-9092-4C441FE34C41\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:6.2.6:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"49EB8850-F83A-42AB-B4F2-F5867992E636\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:6.2.7:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"2B9A57FA-F313-4FD8-8354-86771173F3F1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:6.2.8:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"00151508-4BC7-492D-846A-87CD1E2FFB56\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:6.2.9:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"A036EB08-E546-4FF4-922D-9E343918310D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:6.2.10:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"EE18045F-40CF-4680-8196-5381FFA80C12\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:6.2.11:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"48B31390-A81F-4206-A362-8FC71E5B87C8\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:6.3.0:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"017E3E44-C062-463F-B9D3-75BA57992C91\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:6.3.1:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"A2BB5352-F0AF-4578-979A-7E7D3259A94A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:6.3.2:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"011F96AC-580A-4798-82F9-5D7CF80505DF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:6.3.3:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"8B2CE702-BB9A-426C-ADE1-6CC0CD96A2CF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:6.3.4:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"51ABD86F-DD27-43D6-AC0C-BE8E7B5A6308\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:6.3.5:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"EED5369E-4539-4598-85C9-00384CBB7410\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:6.3.6:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"963C3008-04D5-4331-89E9-09FEC12FEC17\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:6.3.7:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"6C85C2D3-FA71-47C4-9BA1-1008F033E24A\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:6.4.0:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"D0BDC526-0F46-41E6-B723-D93A5FA288B1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:6.4.1:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"9BCB1613-C716-4147-9E1E-0FCAD800DE1D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:6.4.2:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"FF59568E-ECF4-4AF9-9F70-01AB67CEACA6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:splunk:6.4.3:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"AA23CDDF-349C-4028-B857-FA1837BBEBEB\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Splunk Web in Splunk Enterprise 5.0.x before 5.0.17, 6.0.x before 6.0.13, 6.1.x before 6.1.12, 6.2.x before 6.2.12, 6.3.x before 6.3.8, and 6.4.x before 6.4.4 allows remote attackers to conduct HTTP request injection attacks and obtain sensitive REST API authentication-token information via unspecified vectors, aka SPL-128840.\"}, {\"lang\": \"es\", \"value\": \"Splunk Web en Splunk Enterprise 5.0.x en versiones anteriores a 5.0.17, 6.0.x en versiones anteriores a 6.0.13, 6.1.x en versiones anteriores a 6.1.12, 6.2.x en versiones anteriores a 6.2.12, 6.3.x en versiones anteriores a 6.3.8 y 6.4.x en versiones anteriores a 6.4.4 permite a atacantes remotos llevar a cabo ataques de inyecci\\u00f3n de petici\\u00f3n HTTP y obtener informaci\\u00f3n sensible de autenticaci\\u00f3n del token REST API a trav\\u00e9s de vectores no especificados, vulnerabilidad tambi\\u00e9n conocida como SPL-128840.\"}]",
      "id": "CVE-2016-10126",
      "lastModified": "2024-11-21T02:43:21.680",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 10.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2017-01-10T11:59:00.143",
      "references": "[{\"url\": \"http://www.securityfocus.com/bid/95412\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://www.splunk.com/view/SP-CAAAPSR\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mitigation\", \"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/95412\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.splunk.com/view/SP-CAAAPSR\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mitigation\", \"Vendor Advisory\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-264\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2016-10126\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2017-01-10T11:59:00.143\",\"lastModified\":\"2024-11-21T02:43:21.680\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Splunk Web in Splunk Enterprise 5.0.x before 5.0.17, 6.0.x before 6.0.13, 6.1.x before 6.1.12, 6.2.x before 6.2.12, 6.3.x before 6.3.8, and 6.4.x before 6.4.4 allows remote attackers to conduct HTTP request injection attacks and obtain sensitive REST API authentication-token information via unspecified vectors, aka SPL-128840.\"},{\"lang\":\"es\",\"value\":\"Splunk Web en Splunk Enterprise 5.0.x en versiones anteriores a 5.0.17, 6.0.x en versiones anteriores a 6.0.13, 6.1.x en versiones anteriores a 6.1.12, 6.2.x en versiones anteriores a 6.2.12, 6.3.x en versiones anteriores a 6.3.8 y 6.4.x en versiones anteriores a 6.4.4 permite a atacantes remotos llevar a cabo ataques de inyecci\u00f3n de petici\u00f3n HTTP y obtener informaci\u00f3n sensible de autenticaci\u00f3n del token REST API a trav\u00e9s de vectores no especificados, vulnerabilidad tambi\u00e9n conocida como SPL-128840.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":10.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:5.0.0:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"DE14A0C1-C94A-48CD-80C6-89574C07379A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:5.0.1:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"DA88AC99-F676-4FAB-AC4E-1B40A85560D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:5.0.2:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"128F43BB-BB71-489A-A385-3654E745CE34\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:5.0.3:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"81FEC811-BC9A-4C24-ABDC-89506EBC5F68\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:5.0.4:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"2AE1409C-D8DC-472C-9BCA-45D40B0ED836\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:5.0.5:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"DDC8A279-A04D-4410-A77E-6C45F63E13F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:5.0.6:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"FFA99D49-F384-414E-84C2-04A0498C3764\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:5.0.7:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"DF3EFE0C-3737-4BEA-B68F-46BD50F484D2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:5.0.8:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"7EB21D87-CC00-44A6-BDFB-78116FF26E2B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:5.0.9:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"E3452254-79B9-43A6-91FD-AF4112FFC709\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:5.0.10:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"E5CCF6AE-4994-46DD-BE0E-E8DB14332E0E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:5.0.11:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"FDCF8506-6FCF-44DC-A7AD-9179B461A23D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:5.0.12:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"F8AA782A-2B5D-40C9-B5C0-044188576DCE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:5.0.13:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"80DFCCD0-45E3-49E5-B4D2-7309306E62BA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:5.0.14:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"B2983933-1E0E-4409-9EB4-035C80A26333\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:5.0.15:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"E73FD956-361A-4A16-8395-EB043780933E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:5.0.16:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"BB3630C5-9917-4D6C-8E1D-087C03A542D9\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:6.0.0:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"9EF63812-8482-4EC2-97CF-BEC5E27A3367\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:6.0.1:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"FF70BF2B-16A6-48B8-9AEF-1198E6FBB7EB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:6.0.2:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"AE4A31E6-E4CA-4C92-BEF6-649800B0EF94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:6.0.3:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"81D51853-0D47-4034-83E6-FB46A6E9F2AA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:6.0.4:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"06418BAD-EF0C-42F9-A2A3-FD232D9882B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:6.0.5:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"E2772D7D-B15D-42D4-AC32-DC9A005163E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:6.0.6:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"6188A7A1-76EE-493B-9A38-3564AAAB64F7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:6.0.7:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"4142BA91-F26B-4DD0-933A-1BB1AAB587AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:6.0.8:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"2D0D8841-7BB4-4A2B-891A-84302EE45640\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:6.0.9:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"24767341-D913-4A59-8496-AE2429696279\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:6.0.10:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"7E38696A-9486-4922-8B9C-798FB8BC5360\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:6.0.11:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"C2AA1ED2-FCD5-4E98-B4FF-C8FBE8DDA284\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:6.0.12:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"5D6DD223-CCA1-4C59-80AC-BF9E67479A22\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:6.1.0:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"D645FC12-C7BD-4D2E-9ACB-509D3DEA73AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:6.1.1:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"BE618334-8239-42DB-9F79-DE9241AEBF5C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:6.1.2:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"D3764A91-2A1C-4076-8F2C-ECED2FFD15DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:6.1.3:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"C9BF3278-84C0-46CE-9CB4-952D0361A117\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:6.1.4:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"FA1023E7-B6E3-49C2-BE70-34441FEC2CF7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:6.1.5:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"A9A34A7A-7AE4-4372-805B-165D8890B0EF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:6.1.6:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"29DDC4B6-7832-4CA1-B872-41202ADA3CF5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:6.1.7:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"E9E747FC-558F-4CD5-9BE1-0CFEC01A679A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:6.1.8:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"BEA15E6A-4C34-46C4-8AA7-CC695116364D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:6.1.9:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"6A629D3A-04FB-4C7A-B490-4A2E2E38DBA0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:6.1.10:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"72163879-BC1B-4F61-B441-014909940F99\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:6.1.11:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"C7365CA4-4730-4ED7-B69C-E9FACB160442\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:6.2.0:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"6A1B5DB3-86EE-43D5-8FA2-C62CB0F1589B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:6.2.1:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"1AD74B94-BA4C-4679-AD80-AB268F930800\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:6.2.2:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"F6B51A1C-15FA-4F09-BEC0-2365EA1B2320\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:6.2.3:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"3DF8E96E-9A0C-4865-9891-6FF686FAFC10\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:6.2.4:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"3E86FB3D-CD13-45CD-9D2C-C66C171D6D1E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:6.2.5:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"7C568818-BFF9-4262-9092-4C441FE34C41\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:6.2.6:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"49EB8850-F83A-42AB-B4F2-F5867992E636\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:6.2.7:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"2B9A57FA-F313-4FD8-8354-86771173F3F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:6.2.8:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"00151508-4BC7-492D-846A-87CD1E2FFB56\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:6.2.9:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"A036EB08-E546-4FF4-922D-9E343918310D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:6.2.10:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"EE18045F-40CF-4680-8196-5381FFA80C12\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:6.2.11:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"48B31390-A81F-4206-A362-8FC71E5B87C8\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:6.3.0:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"017E3E44-C062-463F-B9D3-75BA57992C91\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:6.3.1:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"A2BB5352-F0AF-4578-979A-7E7D3259A94A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:6.3.2:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"011F96AC-580A-4798-82F9-5D7CF80505DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:6.3.3:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"8B2CE702-BB9A-426C-ADE1-6CC0CD96A2CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:6.3.4:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"51ABD86F-DD27-43D6-AC0C-BE8E7B5A6308\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:6.3.5:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"EED5369E-4539-4598-85C9-00384CBB7410\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:6.3.6:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"963C3008-04D5-4331-89E9-09FEC12FEC17\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:6.3.7:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"6C85C2D3-FA71-47C4-9BA1-1008F033E24A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:6.4.0:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"D0BDC526-0F46-41E6-B723-D93A5FA288B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:6.4.1:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"9BCB1613-C716-4147-9E1E-0FCAD800DE1D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:6.4.2:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"FF59568E-ECF4-4AF9-9F70-01AB67CEACA6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:6.4.3:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"AA23CDDF-349C-4028-B857-FA1837BBEBEB\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/95412\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.splunk.com/view/SP-CAAAPSR\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/95412\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.splunk.com/view/SP-CAAAPSR\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.