Lucene search

CVE-2023-22940

🗓️ 14 Feb 2023 18:12:15Reported by [email protected]Type

Insecure 'collect' aliases in Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 4
Prion	Design/Logic Flaw	14 Feb 202318:15	–	prion
Cvelist	CVE-2023-22940 SPL Command Safeguards Bypass via the ‘collect’ SPL Command Aliases in Splunk Enterprise	14 Feb 202317:22	–	cvelist
CVE	CVE-2023-22940	14 Feb 202318:15	–	cve
Tenable Nessus	Splunk Enterprise 8.1 < 8.1.13, 8.2.0 < 8.2.10, 9.0.0 < 9.0.4 (SVD-2023-0210)	16 Feb 202300:00	–	nessus

Nvd

Node

splunk splunkRange8.1.0–8.1.13enterprise

splunk splunkRange8.2.0–8.2.10enterprise

splunk splunkRange9.0.0–9.0.4enterprise

splunk splunk_cloud_platformRange<9.0.2209.3

Source	Link
advisory	www.advisory.splunk.com/advisories/SVD-2023-0210
research	www.research.splunk.com/application/ee69374a-d27e-4136-adac-956a96ff60fd/

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

14 Feb 2023 18:15Current

6.3Medium risk

Vulners AI Score6.3

CVSS35.7

EPSS0.00167

CWE-20