Archive2

Ask about splunk cookie modulation vulnerability and session fixing vulnerability

Path Finder

Hi

Does the splunk have the following security vulnerabilities? ( in Splumk 7.1.2 )

ㅡㅡㅡㅡㅡㅡㅡㅡㅡㅡㅡㅡㅡㅡㅡㅡㅡㅡㅡㅡㅡㅡㅡㅡ
Threat Cookie Modulation Vulnerability (a vulnerability that enables the use of a fixed identity value modulation of a cookie value, if not properly protected, to be used to disguise and increase permissions as another user at all times)Allow one detour) and session timeout settings (threats such as not specifying the expiration period of the session or setting the expiration date for an attacker to take advantage of unexpired sessions).

0 Karma
Reply