Forum
CVE-2023-40598 - Splunk Enterprise
Zitat von MITs Forum am 30. August 2023, 0:00 UhrIn Splunk Enterprise versions below 8.2.12, 9.0.6, and 9.1.1, an attacker can create an external lookup that calls a legacy internal function. The attacker can use this internal function to insert code into the Splunk platform installation directory. From there, a user can execute arbitrary code on the Splunk platform Instance.
References
https://advisory.splunk.com/advisories/SVD-2023-0807
In Splunk Enterprise versions below 8.2.12, 9.0.6, and 9.1.1, an attacker can create an external lookup that calls a legacy internal function. The attacker can use this internal function to insert code into the Splunk platform installation directory. From there, a user can execute arbitrary code on the Splunk platform Instance.
References
https://advisory.splunk.com/advisories/SVD-2023-0807