Splunk Products Multiple Vulnerabilities
Release Date:
5 Jun 2023
4032
Views
RISK: Medium Risk
TYPE: Servers - Other Servers
Multiple vulnerabilities were identified in Splunk Products. A remote attacker could exploit some of these vulnerabilities to trigger sensitive information disclosure, denial of service, elevation of privilege, security restriction bypass and cross-site scripting on the targeted system.
Impact
- Cross-Site Scripting
- Information Disclosure
- Security Restriction Bypass
- Denial of Service
- Elevation of Privilege
System / Technologies affected
- Splunk App for Lookup File Editing: 4.0 and below
- Splunk App for Stream: Streamfwd 8.1 and below
- Splunk Cloud Platform: Splunk Web 9.0.2303 and below
- Splunk Enterprise: Splunk Web 8.1.0 to 8.1.13
- Splunk Enterprise: Splunk Web 8.2.0 to 8.2.10
- Splunk Enterprise: Splunk Web 9.0.0 to 9.0.4
Solutions
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
- https://advisory.splunk.com/advisories/SVD-2023-0601
- https://advisory.splunk.com/advisories/SVD-2023-0602
- https://advisory.splunk.com/advisories/SVD-2023-0603
- https://advisory.splunk.com/advisories/SVD-2023-0604
- https://advisory.splunk.com/advisories/SVD-2023-0605
- https://advisory.splunk.com/advisories/SVD-2023-0606
- https://advisory.splunk.com/advisories/SVD-2023-0607
- https://advisory.splunk.com/advisories/SVD-2023-0608
- https://advisory.splunk.com/advisories/SVD-2023-0609
- https://advisory.splunk.com/advisories/SVD-2023-0610
- https://advisory.splunk.com/advisories/SVD-2023-0611
- https://advisory.splunk.com/advisories/SVD-2023-0612
Vulnerability Identifier
- CVE-2023-32706
- CVE-2023-32707
- CVE-2023-32708
- CVE-2023-32709
- CVE-2023-32710
- CVE-2023-32711
- CVE-2023-32712
- CVE-2023-32713
- CVE-2023-32714
- CVE-2023-32715
- CVE-2023-32716
- CVE-2023-32717
Source
Related Link
- https://advisory.splunk.com/advisories/SVD-2023-0601
- https://advisory.splunk.com/advisories/SVD-2023-0602
- https://advisory.splunk.com/advisories/SVD-2023-0603
- https://advisory.splunk.com/advisories/SVD-2023-0604
- https://advisory.splunk.com/advisories/SVD-2023-0605
- https://advisory.splunk.com/advisories/SVD-2023-0606
- https://advisory.splunk.com/advisories/SVD-2023-0607
- https://advisory.splunk.com/advisories/SVD-2023-0608
- https://advisory.splunk.com/advisories/SVD-2023-0609
- https://advisory.splunk.com/advisories/SVD-2023-0610
- https://advisory.splunk.com/advisories/SVD-2023-0611
- https://advisory.splunk.com/advisories/SVD-2023-0612
Related Tags
Share with