{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-16T04:34:28.487","vulnerabilities":[{"cve":{"id":"CVE-2016-4857","sourceIdentifier":"vultures@jpcert.or.jp","published":"2017-05-12T18:29:00.343","lastModified":"2025-04-20T01:37:25.860","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Open redirect vulnerability in Splunk Enterprise 6.4.x prior to 6.4.2, Splunk Enterprise 6.3.x prior to 6.3.6, Splunk Enterprise 6.2.x prior to 6.2.11 and Splunk Light prior to 6.4.2 allows to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors."},{"lang":"es","value":"Vulnerabilidad de redirección abierta en Splunk Enterprise versiones 6.4.x anteriores a la 6.4.2, Splunk Enterprise versiones 6.3.x anteriores a la 6.3.6, Splunk Enterprise versiones 6.2.x anteriores a la 6.2.11 y Splunk Light anteriores a la 6.4.2, que permitiría la redirección de usuarios a sitios web arbitrarios y realizar ataques de phishing a través de vectores no especificados."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:N","baseScore":5.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-601"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:splunk:splunk:*:*:*:*:light:*:*:*","versionEndIncluding":"6.4.2","matchCriteriaId":"02523B66-B82A-4B09-8282-061E60761DBF"},{"vulnerable":true,"criteria":"cpe:2.3:a:splunk:splunk:6.2.0:*:*:*:enterprise:*:*:*","matchCriteriaId":"6A1B5DB3-86EE-43D5-8FA2-C62CB0F1589B"},{"vulnerable":true,"criteria":"cpe:2.3:a:splunk:splunk:6.2.1:*:*:*:enterprise:*:*:*","matchCriteriaId":"1AD74B94-BA4C-4679-AD80-AB268F930800"},{"vulnerable":true,"criteria":"cpe:2.3:a:splunk:splunk:6.2.2:*:*:*:enterprise:*:*:*","matchCriteriaId":"F6B51A1C-15FA-4F09-BEC0-2365EA1B2320"},{"vulnerable":true,"criteria":"cpe:2.3:a:splunk:splunk:6.2.3:*:*:*:enterprise:*:*:*","matchCriteriaId":"3DF8E96E-9A0C-4865-9891-6FF686FAFC10"},{"vulnerable":true,"criteria":"cpe:2.3:a:splunk:splunk:6.2.4:*:*:*:enterprise:*:*:*","matchCriteriaId":"3E86FB3D-CD13-45CD-9D2C-C66C171D6D1E"},{"vulnerable":true,"criteria":"cpe:2.3:a:splunk:splunk:6.2.5:*:*:*:enterprise:*:*:*","matchCriteriaId":"7C568818-BFF9-4262-9092-4C441FE34C41"},{"vulnerable":true,"criteria":"cpe:2.3:a:splunk:splunk:6.2.6:*:*:*:enterprise:*:*:*","matchCriteriaId":"49EB8850-F83A-42AB-B4F2-F5867992E636"},{"vulnerable":true,"criteria":"cpe:2.3:a:splunk:splunk:6.2.7:*:*:*:enterprise:*:*:*","matchCriteriaId":"2B9A57FA-F313-4FD8-8354-86771173F3F1"},{"vulnerable":true,"criteria":"cpe:2.3:a:splunk:splunk:6.2.8:*:*:*:enterprise:*:*:*","matchCriteriaId":"00151508-4BC7-492D-846A-87CD1E2FFB56"},{"vulnerable":true,"criteria":"cpe:2.3:a:splunk:splunk:6.2.9:*:*:*:enterprise:*:*:*","matchCriteriaId":"A036EB08-E546-4FF4-922D-9E343918310D"},{"vulnerable":true,"criteria":"cpe:2.3:a:splunk:splunk:6.2.10:*:*:*:enterprise:*:*:*","matchCriteriaId":"EE18045F-40CF-4680-8196-5381FFA80C12"},{"vulnerable":true,"criteria":"cpe:2.3:a:splunk:splunk:6.3.0:*:*:*:enterprise:*:*:*","matchCriteriaId":"017E3E44-C062-463F-B9D3-75BA57992C91"},{"vulnerable":true,"criteria":"cpe:2.3:a:splunk:splunk:6.3.1:*:*:*:enterprise:*:*:*","matchCriteriaId":"A2BB5352-F0AF-4578-979A-7E7D3259A94A"},{"vulnerable":true,"criteria":"cpe:2.3:a:splunk:splunk:6.3.2:*:*:*:enterprise:*:*:*","matchCriteriaId":"011F96AC-580A-4798-82F9-5D7CF80505DF"},{"vulnerable":true,"criteria":"cpe:2.3:a:splunk:splunk:6.3.3:*:*:*:enterprise:*:*:*","matchCriteriaId":"8B2CE702-BB9A-426C-ADE1-6CC0CD96A2CF"},{"vulnerable":true,"criteria":"cpe:2.3:a:splunk:splunk:6.3.4:*:*:*:enterprise:*:*:*","matchCriteriaId":"51ABD86F-DD27-43D6-AC0C-BE8E7B5A6308"},{"vulnerable":true,"criteria":"cpe:2.3:a:splunk:splunk:6.3.5:*:*:*:enterprise:*:*:*","matchCriteriaId":"EED5369E-4539-4598-85C9-00384CBB7410"},{"vulnerable":true,"criteria":"cpe:2.3:a:splunk:splunk:6.4.0:*:*:*:enterprise:*:*:*","matchCriteriaId":"D0BDC526-0F46-41E6-B723-D93A5FA288B1"},{"vulnerable":true,"criteria":"cpe:2.3:a:splunk:splunk:6.4.1:*:*:*:enterprise:*:*:*","matchCriteriaId":"9BCB1613-C716-4147-9E1E-0FCAD800DE1D"}]}]}],"references":[{"url":"https://jvn.jp/en/jp/JVN39926655/index.html","source":"vultures@jpcert.or.jp","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://www.splunk.com/view/SP-CAAAPQM","source":"vultures@jpcert.or.jp","tags":["Vendor Advisory"]},{"url":"https://jvn.jp/en/jp/JVN39926655/index.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://www.splunk.com/view/SP-CAAAPQM","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}