SAML Authentication Bypass and Impersonation Vulnerability in Splunk Web

CVE-2017-17067 · HIGH Severity

CVSS v2 vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Splunk Web in Splunk Enterprise 7.0.x before 7.0.0.1, 6.6.x before 6.6.3.2, 6.5.x before 6.5.6, 6.4.x before 6.4.9, and 6.3.x before 6.3.12, when the SAML authType is enabled, mishandles SAML, which allows remote attackers to bypass intended access restrictions or conduct impersonation attacks.