CVE-2010-2502
Splunk 4.0-4.0.10 and 4.1-4.1.1 - Path Traversal and Arbitrary File Read/Write
Title source: llmDescription
Multiple directory traversal vulnerabilities in Splunk 4.0 through 4.0.10 and 4.1 through 4.1.1 allow (1) remote attackers to read arbitrary files, aka SPL-31194; (2) remote authenticated users to modify arbitrary files, aka SPL-31063; or (3) have an unknown impact via redirects, aka SPL-31067.
References (1)
Core 1
Core References
Patch, Vendor Advisory x_refsource_confirm
http://www.splunk.com/view/SP-CAAAFGD
Scores
EPSS
0.0026
EPSS Percentile
48.9%
Details
CWE
CWE-22
Status
published
Products (13)
splunk/splunk
4.0
splunk/splunk
4.0.1
splunk/splunk
4.0.2
splunk/splunk
4.0.3
splunk/splunk
4.0.4
splunk/splunk
4.0.5
splunk/splunk
4.0.6
splunk/splunk
4.0.7
splunk/splunk
4.0.8
splunk/splunk
4.0.9
... and 3 more
Published
Jun 28, 2010
Tracked Since
Feb 18, 2026