Описание
A potential vulnerability in Splunk Enterprise's implementation of DUO MFA allows for bypassing the MFA verification in Splunk Enterprise versions before 8.1.6. The potential vulnerability impacts Splunk Enterprise instances configured to use DUO MFA and does not impact or affect a DUO product or service.
Уязвимые конфигурации
Конфигурация 1Версия от 8.1.0 (включая) до 8.1.6 (исключая)
cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*
EPSS
Процентиль: 43%
0.00204
Низкий
8.1 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-287
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 8.1
github
больше 3 лет назад
A potential vulnerability in Splunk Enterprise's implementation of DUO MFA allows for bypassing the MFA verification in Splunk Enterprise versions before 8.1.6. The potential vulnerability impacts Splunk Enterprise instances configured to use DUO MFA and does not impact or affect a DUO product or service.
EPSS
Процентиль: 43%
0.00204
Низкий
8.1 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-287
NVD-CWE-noinfo