Monday, 3 April 2017

That Sound You Hear is Splunk Leaking Data

Splunk has patched a slip in its JavaScript implementation that leaks user information. The advisory at Full Disclosure explains that the leak happens if an attacker tricks an authenticated user into visiting a malicious Web page. It only leaks the username, and whether or not that user has enabled remote access; but this would provide enough for an attacker to try follow-up phishing attacks to try and get the user’s credentials.

View full story

ORIGINAL SOURCE: The Register

The post That Sound You Hear is Splunk Leaking Data appeared first on IT SECURITY GURU.



from That Sound You Hear is Splunk Leaking Data

No comments:

Post a Comment