CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-40597 – Absolute Path Traversal in Splunk Enterprise Using runshellscript.py
https://notcve.org/view.php?id=CVE-2023-40597
In Splunk Enterprise versions lower than 8.2.12, 9.0.6, and 9.1.1, an attacker can exploit an absolute path traversal to execute arbitrary code that is located on a separate disk. • https://advisory.splunk.com/advisories/SVD-2023-0806 https://research.splunk.com/application/356bd3fe-f59b-4f64-baa1-51495411b7ad • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-36: Absolute Path Traversal •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-40596 – Splunk Enterprise on Windows Privilege Escalation due to Insecure OPENSSLDIR Build Definition Reference in DLL
https://notcve.org/view.php?id=CVE-2023-40596
In Splunk Enterprise versions earlier than 8.2.12, 9.0.6, and 9.1.1, a dynamic link library (DLL) that ships with Splunk Enterprise references an insecure path for the OPENSSLDIR build definition. An attacker can abuse this reference and subsequently install malicious code to achieve privilege escalation on the Windows machine. • https://advisory.splunk.com/advisories/SVD-2023-0805 • CWE-427: Uncontrolled Search Path Element CWE-665: Improper Initialization •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-40593 – Denial of Service (DoS) in Splunk Enterprise Using a Malformed SAML Request
https://notcve.org/view.php?id=CVE-2023-40593
In Splunk Enterprise versions lower than 9.0.6 and 8.2.12, a malicious actor can send a malformed security assertion markup language (SAML) request to the `/saml/acs` REST endpoint which can cause a denial of service through a crash or hang of the Splunk daemon. • https://advisory.splunk.com/advisories/SVD-2023-0802 https://research.splunk.com/application/8e8a86d5-f323-4567-95be-8e817e2baee6 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-40594 – Denial of Service (DoS) via the ‘printf’ Search Function
https://notcve.org/view.php?id=CVE-2023-40594
In Splunk Enterprise versions lower than 8.2.12, 9.0.6, and 9.1.1, an attacker can use the `printf` SPL function to perform a denial of service (DoS) against the Splunk Enterprise instance. • https://advisory.splunk.com/advisories/SVD-2023-0803 https://research.splunk.com/application/78b48d08-075c-4eac-bd07-e364c3780867 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.4EPSS: 0%CPEs: 4EXPL: 0CVE-2023-40592 – Reflected Cross-site Scripting (XSS) on "/app/search/table" web endpoint
https://notcve.org/view.php?id=CVE-2023-40592
In Splunk Enterprise versions below 9.1.1, 9.0.6, and 8.2.12, an attacker can craft a special web request that can result in reflected cross-site scripting (XSS) on the “/app/search/table” web endpoint. Exploitation of this vulnerability can lead to the execution of arbitrary commands on the Splunk platform instance. • https://advisory.splunk.com/advisories/SVD-2023-0801 https://research.splunk.com/application/182f9080-4137-4629-94ac-cb1083ac981a • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •