Ask about splunk cookie modulation vulnerability and session fixing vulnerability

Path Finder


Does the splunk have the following security vulnerabilities? ( in Splumk 7.1.2 )

Threat Cookie Modulation Vulnerability (a vulnerability that enables the use of a fixed identity value modulation of a cookie value, if not properly protected, to be used to disguise and increase permissions as another user at all times)Allow one detour) and session timeout settings (threats such as not specifying the expiration period of the session or setting the expiration date for an attacker to take advantage of unexpired sessions).

0 Karma