CVE-2017-5607

LOW

Splunk Enterprise <6.5.1 & Splunk Light <6.5.2 - Sensitive Info Exposure via Global Window Namespace

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-5607. PoCs published by hyp3rlinx.

AI-analyzed exploit summary This exploit leverages a JavaScript prototype pollution vulnerability in Splunk Enterprise to steal sensitive information (e.g., username, version details) from authenticated users via a malicious webpage. It intercepts the global '$C' variable assignment by defining a setter on the Object prototype.

Description

Splunk Enterprise 5.0.x before 5.0.18, 6.0.x before 6.0.14, 6.1.x before 6.1.13, 6.2.x before 6.2.13.1, 6.3.x before 6.3.10, 6.4.x before 6.4.6, and 6.5.x before 6.5.3 and Splunk Light before 6.5.2 assigns the $C JS property to the global Window namespace, which might allow remote attackers to obtain sensitive logged-in username and version-related information via a crafted webpage.

Exploits (1)

exploitdb WORKING POC VERIFIED

by hyp3rlinx · textwebappsmultiple

https://www.exploit-db.com/exploits/41779

View Code ZIP pw:eip

This exploit leverages a JavaScript prototype pollution vulnerability in Splunk Enterprise to steal sensitive information (e.g., username, version details) from authenticated users via a malicious webpage. It intercepts the global '$C' variable assignment by defining a setter on the Object prototype.

Classification

Working Poc 100%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Splunk Enterprise (versions 6.5.x before 6.5.3, 6.4.x before 6.4.6, 6.3.x before 6.3.10, 6.2.x before 6.2.13.1, 6.1.x before 6.1.13, 6.0.x before 6.0.14, 5.0.x before 5.0.18) and Splunk Light before 6.5.2

Auth required

Prerequisites: Authenticated Splunk user visits a malicious webpage · Access to the victim's Splunk instance URL

MITRE ATT&CK

T1059.007 - JavaScript T1539 - Steal Web Session Cookie T1189 - Drive-by Compromise

devstral-2 · analyzed Feb 16, 2026 Full analysis →