EUVD-2023-45154

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Insecure path in Splunk Enterprise allows privilege escalation on Windows through malicious DLL usage.

Reporter	Title	Published	Views	Family All 11
Circl	CVE-2023-40596	30 Aug 202320:12	–	circl
CNNVD	Splunk 代码问题漏洞	30 Aug 202300:00	–	cnnvd
CVE	CVE-2023-40596	30 Aug 202316:19	–	cve
Cvelist	CVE-2023-40596 Splunk Enterprise on Windows Privilege Escalation due to Insecure OPENSSLDIR Build Definition Reference in DLL	30 Aug 202316:19	–	cvelist
NCSC	Vulnerabilities fixed in Splunk Enterprise	31 Aug 202300:00	–	ncsc
NVD	CVE-2023-40596	30 Aug 202317:15	–	nvd
OSV	CVE-2023-40596	30 Aug 202317:15	–	osv
Prion	Design/Logic Flaw	30 Aug 202317:15	–	prion
Positive Technologies	PT-2023-4799 · Splunk · Splunk Enterprise	16 Aug 202300:00	–	ptsecurity
Tenable Nessus	Splunk Enterprise 8.2.0 < 8.2.12, 9.0.0 < 9.0.6, 9.1.0 < 9.1.1 (SVD-2023-0805)	30 Aug 202300:00	–	nessus

[
  {
    "enisaIdVendor": [
      {
        "id": "17475e8a-e7b3-33cb-8933-fad4864ae0ca",
        "vendor": {
          "name": "Splunk"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "5911c50e-abb2-3e6f-a5b7-e3961b2e67f8",
        "product": {
          "name": "Splunk Enterprise"
        },
        "product_version": "8.2 <8.2.12"
      },
      {
        "id": "5b423ba1-8911-3024-800e-f995423eda6c",
        "product": {
          "name": "Splunk Enterprise"
        },
        "product_version": "9.1 <9.1.1"
      },
      {
        "id": "a13863d2-d168-3caf-ba38-1c7b97fe71f0",
        "product": {
          "name": "Splunk Enterprise"
        },
        "product_version": "9.0 <9.0.6"
      }
    ]
  }
]

Source	Link
advisory	www.advisory.splunk.com/advisories/SVD-2023-0805

03 Oct 2025 20:07Current

8.5High risk

Vulners AI Score8.5

CVSS 3.17 - 8.8

EPSS0.00055

SSVC