
CVSS: 8.8 • EPSS: 31% • CPEs: 3 • EXPL: 1

In Splunk Enterprise versions below 9.0.7 and 9.1.2, Splunk Enterprise does not safely sanitize extensible stylesheet language transformations (XSLT) that users supply. This means that an attacker can upload malicious XSLT which can result in remote code execution on the Splunk Enterprise instance. • https://advisory.splunk.com/advisories/SVD-2023-1104 https://research.splunk.com/application/6cb7e011-55fb-48e3-a98d-164fa854e37e https://research.splunk.com/application/a053e6a6-2146-483a-9798-2d43652f3299 https://github.com/nathan31337/Splunk-RCE-poc https://blog.hrncirik.net/cve-2023-46214-analysis https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/unix/http/splunk_xslt_authenticated_rce.rb • CWE-91: XML Injection (aka Blind XPath Injection) •

CVSS: 4.0 • EPSS: 0% • CPEs: 1 • EXPL: 0

Improper access control vulnerabilities in Samsung Cloud prior to version 5.3.0.32 allow local attackers to access information with Samsung Cloud's privilege via implicit intent. • https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=02 • CWE-284: Improper Access Control • CWE-668: Exposure of Resource to Wrong Sphere •

CVSS: 5.7 • EPSS: 0% • CPEs: 1 • EXPL: 0

Path traversal vulnerability in Samsung Cloud prior to version 5.3.0.32 allows an attacker to access a specific PNG file. • https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=02 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 7.5 • EPSS: 0% • CPEs: 1 • EXPL: 0

Implicit Intent hijacking vulnerability in Samsung Cloud prior to version 5.2.0 allows an attacker to get sensitive information. • https://security.samsungmobile.com/serviceWeb.smsb?year==2022&month=07 • CWE-285: Improper Authorization •

CVSS: 4.6 • EPSS: 0% • CPEs: 4 • EXPL: 0

Improper Protection of Alternate Path vulnerability in the Setup wizard process prior to SMR Mar-2022 Release 1 allows a physical attacker to install packages before the Setup wizard finishes. • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=3 • CWE-424: Improper Protection of Alternate Path •