Lucene search

SplunkCVELIST:CVE-2022-43561

HistoryNov 03, 2022 - 10:06 p.m.

CVE-2022-43561 Persistent Cross-Site Scripting in “Save Table” Dialog in Splunk Enterprise

2022-11-0322:06:41

CWE-79

Splunk

www.cve.org

cve-2022-43561

remote user

power splunk role

arbitrary scripts

persistent xss

splunk web

6.4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

29.7%

JSON

In Splunk Enterprise versions below 8.1.12, 8.2.9, and 9.0.2, a remote user that holds the “power” Splunk role can store arbitrary scripts that can lead to persistent cross-site scripting (XSS). The vulnerability affects instances with Splunk Web enabled.

CNA Affected

[
  {
    "defaultStatus": "affected",
    "product": "Splunk Enterprise",
    "vendor": "Splunk",
    "versions": [
      {
        "lessThan": "8.1.12",
        "status": "affected",
        "version": "8.1",
        "versionType": "custom"
      },
      {
        "lessThan": "8.2.9",
        "status": "affected",
        "version": "8.2",
        "versionType": "custom"
      },
      {
        "lessThan": "9.0.2",
        "status": "affected",
        "version": "9.0",
        "versionType": "custom"
      }
    ]
  }
]

References

research.splunk.com/application/a974d1ee-ddca-4837-b6ad-d55a8a239c20/

www.splunk.com/en_us/product-security/announcements/svd-2022-1101.html

6.4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

29.7%

JSON

Related for CVELIST:CVE-2022-43561