[FD] KL-001-2017-022 : Splunk Local Privilege Escalation

2017-11-03 Thread KoreLogic Disclosures
KL-001-2017-022 : Splunk Local Privilege Escalation
Title: Splunk Local Privilege Escalation
Advisory ID: KL-001-2017-022
Publication Date: 2017.11.03
Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2017-022.txt
1. Vulnerability Details
Affected Vendor: Splunk

[FD] [RT-SA-2016-008] XML External Entity Expansion in Ladon Webservice

2017-11-03 Thread RedTeam Pentesting GmbH
Advisory: XML External Entity Expansion in Ladon Webservice
Attackers who can send SOAP messages to a Ladon webservice via the HTTP interface of the Ladon webservice can exploit an XML external entity expansion vulnerability and read local files, forge server side requests or overload the service