When handling a mismatched pre-authentication cookie, the application leaks the internal error message in the response, which contains the Splunk Enterprise local system path. The vulnerability impacts Splunk Enterprise versions before 8.1.0.
The vulnerability impacts instances with Splunkweb enabled. See Disable unnecessary Splunk Enterprise components and web.conf for more information on disabling Splunkweb.
Upgrade Splunk Enterprise to 8.1.0 or later.