Lucene search
K

5 matches found

Circl
Circl
added 2025/05/05 9:20 p.m.7 views

CVE-2022-43563

creationtimestamp| type| source ---|---|--- 2025-05-05 21:20:12+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/14995...

8.8CVSS8.1AI score0.00595EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/11/04 10:19 p.m.8 views

CVE-2022-43563 Risky command safeguards bypass via rex search command field names in Splunk Enterprise

In Splunk Enterprise versions below 8.2.9 and 8.1.12, the way that the rex search command handles field names lets an attacker bypass SPL safeguards for risky commands https://docs.splunk.com/Documentation/SplunkCloud/latest/Security/SPLsafeguards . The vulnerability requires the attacker to phis...

8.1CVSS7.1AI score0.00595EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/11/04 10:19 p.m.23 views

CVE-2022-43563 Risky command safeguards bypass via rex search command field names in Splunk Enterprise

In Splunk Enterprise versions below 8.2.9 and 8.1.12, the way that the rex search command handles field names lets an attacker bypass SPL safeguards for risky commands https://docs.splunk.com/Documentation/SplunkCloud/latest/Security/SPLsafeguards . The vulnerability requires the attacker to phis...

8.1CVSS9AI score0.00595EPSS
Exploits0References1
CVE
CVE
added 2022/11/04 10:19 p.m.69 views

CVE-2022-43563

Splunk Enterprise is affected in versions before 8.2.9 and 8.1.12 due to how the rex search command handles field names, which can bypass SPL safeguards for risky commands. The attack requires phishing the victim into initiating a request in their browser; it is not exploitable at will. The issue...

8.8CVSS8.6AI score0.00595EPSS
Exploits0References1Affected Software2
Tenable Nessus
Tenable Nessus
added 2022/11/03 12:0 a.m.30 views

Splunk Enterprise 8.1 < 8.1.12, 8.2.0 < 8.2.9 (SVD-2022-1103)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2022-1103 advisory. - In Splunk Enterprise versions below 8.2.9 and 8.1.12, the way that the rex' search command handles field names lets an attack...

8.8CVSS8AI score0.00595EPSS
Exploits0References2
Rows per page
Query Builder