3 matches found
CVE-2022-43570 XML External Entity Injection through a custom View in Splunk Enterprise
In Splunk Enterprise versions below 8.1.12, 8.2.9, and 9.0.2, an authenticated user can perform an extensible markup language XML external entity XXE injection via a custom View. The XXE injection causes Splunk Web to embed incorrect documents into an error...
CVE-2022-43570 XML External Entity Injection through a custom View in Splunk Enterprise
In Splunk Enterprise versions below 8.1.12, 8.2.9, and 9.0.2, an authenticated user can perform an extensible markup language XML external entity XXE injection via a custom View. The XXE injection causes Splunk Web to embed incorrect documents into an error...
Splunk Enterprise 8.1 < 8.1.12, 8.2.0 < 8.2.9, 9.0.0 < 9.0.2 (SVD-2022-1110)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2022-1110 advisory. - In Splunk Enterprise versions below 8.1.12, 8.2.9, and 9.0.2, an authenticated user can perform an extensible markup language...