CVE-2010-3323 Information

Description

Splunk 4.0.0 through 4.1.4 allows remote attackers to conduct session hijacking attacks and obtain the splunkd session key via vectors related to the SPLUNKD_SESSION_KEY parameter.

Reference

http://www.splunk.com/view/SP-CAAAFQ6