Lucene search
CVE-2023-22935
In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, a vulnerability allows bypass SPL safeguards by manipulating 'display.page.search.patterns.sensitivity' parameter. Requires higher privileged user to initiate request in browser. Affects instances with Splunk Web enabled
Show more
| Reporter | Title | Published | Views | Family All 4 |
|---|---|---|---|---|
 | CVE-2023-22935 | 14 Feb 202318:15 | – | nvd |
 | CVE-2023-22935 SPL Command Safeguards Bypass via the ‘display.page.search.patterns.sensitivity’ Search Parameter in Splunk Enterprise | 14 Feb 202317:22 | – | cvelist |
 | Design/Logic Flaw | 14 Feb 202318:15 | – | prion |
 | Splunk Enterprise 8.1 < 8.1.13, 8.2.0 < 8.2.10, 9.0.0 < 9.0.4 (SVD-2023-0205) | 16 Feb 202300:00 | – | nessus |
[
{
"product": "Splunk Enterprise",
"vendor": "Splunk",
"versions": [
{
"version": "8.1",
"status": "affected",
"versionType": "custom",
"lessThan": "8.1.13"
},
{
"version": "8.2",
"status": "affected",
"versionType": "custom",
"lessThan": "8.2.10"
},
{
"version": "9.0",
"status": "affected",
"versionType": "custom",
"lessThan": "9.0.4"
}
]
},
{
"product": "Splunk Cloud Platform",
"vendor": "Splunk",
"versions": [
{
"version": "-",
"status": "affected",
"versionType": "custom",
"lessThan": "9.0.2209.3"
}
]
}
]Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo14 Feb 2023 18:15Current
8.3High risk
Vulners AI Score8.3
CVSS38.1 - 8.8
EPSS0.00196