CVE-2018-11409

MEDIUM EXPLOITED NUCLEI

Splunk < 7.0.1 - Information Disclosure

Title source: rule

Description

Splunk through 7.0.1 allows information disclosure by appending __raw/services/server/info/server-info?output_mode=json to a query, as demonstrated by discovering a license key.

Exploits (2)

exploitdb WORKING POC

by KoF2002 · textwebappslinux

https://www.exploit-db.com/exploits/44865

View Code ZIP pw:eip

metasploit WORKING POC

by n00bhaxor, KOF2002, h00die · rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/splunk_raw_server_info.rb

View Code ZIP pw:eip

Nuclei Templates (1)

Splunk <=7.0.1 - Information Disclosure

MEDIUMby harshbothra_

Shodan: http.title:"login - splunk"

FOFA: title="login - splunk"

References (3)

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1041148

[Exploit, Third Party Advisory] https://github.com/kofa2002/splunk

[Exploit, Third Party Advisory, VDB Entry] https://www.exploit-db.com/exploits/44865/

Scores

CVSS v3 5.3

EPSS 0.9222

EPSS Percentile 99.7%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Details

VulnCheck KEV 2023-11-26

CWE

CWE-200

Status published

Products (1)

splunk/splunk < 7.0.1

Published Jun 08, 2018

Tracked Since Feb 18, 2026