5 matches found
Exploit for Code Injection in Splunk
CVE-2022-43571 CVE-2022-43571 Splunk RCE – my personal journe...
CVE-2022-43571 Remote Code Execution through dashboard PDF generation component in Splunk Enterprise
In Splunk Enterprise versions below 8.2.9, 8.1.12, and 9.0.2, an authenticated user can execute arbitrary code through the dashboard PDF generation component...
CVE-2022-43571 Remote Code Execution through dashboard PDF generation component in Splunk Enterprise
In Splunk Enterprise versions below 8.2.9, 8.1.12, and 9.0.2, an authenticated user can execute arbitrary code through the dashboard PDF generation component...
CVE-2022-43571
CVE-2022-43571 affects Splunk Enterprise prior to versions 8.2.9, 8.1.12, and 9.0.2. An authenticated user can trigger arbitrary code execution via the dashboard PDF generation component (SimpleXML dashboards) due to code injection in styling parameters used during PDF export. Exploitation is dem...
Splunk Enterprise 8.1 < 8.1.12, 8.2.0 < 8.2.9, 9.0.0 < 9.0.2 (SVD-2022-1111)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2022-1111 advisory. - In Splunk Enterprise versions below 8.2.9, 8.1.12, and 9.0.2, an authenticated user can execute arbitrary code through the...