Splunk Cloud Platform

Splunk Cloud version displayed on page without having to authenticate

jstacey_intuit
Explorer

Prior to even logging into a Splunk Cloud instance, at the very bottom of the page, the version (down to the build) is presented. This seems like information that should only be provided once authentication has taken place. Armed with this info, someone targeting a Splunk Cloud instance could potentially exploit documented vulnerabilities.

Splunk should consider removing this from a pre-authenticated screen, especially in Splunk Cloud.

alt text

0 Karma
1 Solution

yannK
Splunk Employee
Splunk Employee

This is fixed since splunk 6.5
Wait for the planned upgrade to get the version hidden.

View solution in original post

yannK
Splunk Employee
Splunk Employee

This is fixed since splunk 6.5
Wait for the planned upgrade to get the version hidden.

View solution in original post

.conf21 Now Fully Virtual!
Register for FREE Today!

We've made .conf21 totally virtual and totally FREE! Our completely online experience will run from 10/19 through 10/20 with some additional events, too!