Lucene search

SplunkCVELIST:CVE-2023-40597

HistoryAug 30, 2023 - 4:19 p.m.

CVE-2023-40597 Absolute Path Traversal in Splunk Enterprise Using runshellscript.py

2023-08-3016:19:44

Splunk

www.cve.org

cve-2023-40597

splunk enterprise

path traversal

arbitrary code

disk

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

AI Score

9.1

Confidence

High

EPSS

Percentile

15.6%

JSON

In Splunk Enterprise versions lower than 8.2.12, 9.0.6, and 9.1.1, an attacker can exploit an absolute path traversal to execute arbitrary code that is located on a separate disk.

CNA Affected

[
  {
    "product": "Splunk Enterprise",
    "vendor": "Splunk",
    "versions": [
      {
        "version": "8.2",
        "status": "affected",
        "versionType": "custom",
        "lessThan": "8.2.12"
      },
      {
        "version": "9.0",
        "status": "affected",
        "versionType": "custom",
        "lessThan": "9.0.6"
      },
      {
        "version": "9.1",
        "status": "affected",
        "versionType": "custom",
        "lessThan": "9.1.1"
      }
    ]
  },
  {
    "product": "Splunk Cloud",
    "vendor": "Splunk",
    "versions": [
      {
        "version": "-",
        "status": "affected",
        "versionType": "custom",
        "lessThan": "9.0.2305.200"
      }
    ]
  }
]

References

advisory.splunk.com/advisories/SVD-2023-0806

research.splunk.com/application/356bd3fe-f59b-4f64-baa1-51495411b7ad/

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

AI Score

9.1

Confidence

High

EPSS

Percentile

15.6%

JSON

Related for CVELIST:CVE-2023-40597