Lucene search
+L

5 matches found

nvd
nvd
added 2023/08/30 5:15 p.m.33 views

CVE-2023-40598

In Splunk Enterprise versions below 8.2.12, 9.0.6, and 9.1.1, an attacker can create an external lookup that calls a legacy internal function. The attacker can use this internal function to insert code into the Splunk platform installation directory. From there, a user can execute arbitrary code ...

8.8CVSS8.8AI score0.00598EPSS
Exploits0References2
cve
cve
added 2023/08/30 4:19 p.m.205 views

CVE-2023-40598

CVE-2023-40598 affects Splunk Enterprise prior to 8.2.12, 9.0.6, and 9.1.1. The issue allows an attacker to create an external lookup that calls a legacy internal function, enabling insertion of code into the Splunk installation directory and resulting in arbitrary code execution on the platform ...

8.8CVSS8.8AI score0.00598EPSS
Exploits0References2Affected Software2
vulnrichment
vulnrichment
added 2023/08/30 4:19 p.m.14 views

CVE-2023-40598 Command Injection in Splunk Enterprise Using External Lookups

In Splunk Enterprise versions below 8.2.12, 9.0.6, and 9.1.1, an attacker can create an external lookup that calls a legacy internal function. The attacker can use this internal function to insert code into the Splunk platform installation directory. From there, a user can execute arbitrary code ...

8.5CVSS7.6AI score0.00598EPSS
Exploits0References2
cvelist
cvelist
added 2023/08/30 4:19 p.m.31 views

CVE-2023-40598 Command Injection in Splunk Enterprise Using External Lookups

In Splunk Enterprise versions below 8.2.12, 9.0.6, and 9.1.1, an attacker can create an external lookup that calls a legacy internal function. The attacker can use this internal function to insert code into the Splunk platform installation directory. From there, a user can execute arbitrary code ...

8.5CVSS9AI score0.00598EPSS
Exploits0References2
nessus
nessus
added 2023/08/30 12:0 a.m.19 views

Splunk Enterprise 8.2.0 < 8.2.12, 9.0.0 < 9.0.6, 9.1.0 < 9.1.1 (SVD-2023-0807)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2023-0807 advisory. - In Splunk Enterprise versions below 8.2.12, 9.0.6, and 9.1.1, an attacker can create an external lookup that calls a legacy...

8.8CVSS8.5AI score0.00598EPSS
Exploits0References2
Rows per page
Query Builder