- 302/2023
- High
Splunk has released a security update to fix multiple vulnerabilities across several Splunk products.
The addressed vulnerabilities could allow the remote attacker to execute arbitrary code, perform cross-site scripting attacks, or gain access to the affected systems.
Sample of the addressed vulnerabilities:
Splunk Enterprise Code Execution Vulnerability (CVE-2023-46214):
- CVSS: 8.0
- Attack Vector: Network
- Attack Complexity: High
- Privileges Required: Low
- User Interaction: Required
- Consequences: Gain Access
Affected Products:
- Splunk Enterprise 9.0.0 to 9.0.6
- Splunk Enterprise 9.1.0 to 9.1.1
- Splunk Cloud Versions below 9.1.2308
It should be highlighted that security researchers are aware of a public exploit that exists in the wild for CVE-2023-46214.
Vulnerabilities
- CVE-2023-46213
- CVE-2023-46214
Mitigations
The enterprise should deploy this patch as soon as the testing phase is completed.