Lucene search

PRIOn knowledge basePRION:CVE-2022-43567

HistoryNov 04, 2022 - 11:15 p.m.

Design/Logic Flaw

2022-11-0423:15:00

PRIOn knowledge base

www.prio-n.com

splunk

enterprise

security flaw

command execution

mobile alerts

secure gateway

8.6 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

43.1%

JSON

In Splunk Enterprise versions below 8.2.9, 8.1.12, and 9.0.2, an authenticated user can run arbitrary operating system commands remotely through the use of specially crafted requests to the mobile alerts feature in the Splunk Secure Gateway app.

CPENameOperatorVersion
splunkge9.0.0
splunklt9.0.2
splunkge8.2.0
splunklt8.2.9
splunkge8.1.0
splunklt8.1.12
splunk_cloud_platformlt9.0.2205

Name	Operator	Version
splunk	ge	9.0.0
splunk	lt	9.0.2
splunk	ge	8.2.0
splunk	lt	8.2.9
splunk	ge	8.1.0
splunk	lt	8.1.12
splunk_cloud_platform	lt	9.0.2205

References

research.splunk.com/application/baa41f09-df48-4375-8991-520beea161be/

www.splunk.com/en_us/product-security/announcements/svd-2022-1107.html