3 matches found
CVE-2023-22931
creationtimestamp| type| source ---|---|--- 2023-02-14 20:35:51+00:00| seen| https://t.me/cibsecurity/58127...
CVE-2023-22931
Splunk Enterprise before versions 8.1.13 and 8.2.10 are affected by CVE-2023-22931 due to the createrss external search command overwriting RSS feeds without permission checks. The root cause is the use of a deprecated feature that has been disabled by default, but remains exploitable in older bu...
CVE-2023-22931 ‘createrss’ External Search Command Overwrites Existing RSS Feeds in Splunk Enterprise
In Splunk Enterprise versions below 8.1.13 and 8.2.10, the ‘createrss’ external search command overwrites existing Resource Description Format Site Summary RSS feeds without verifying permissions. This feature has been deprecated and disabled by default...