Splunk Products Multiple Vulnerabilities
Release Date:
4 Sep 2023
3426
Views
RISK: Medium Risk
TYPE: Servers - Other Servers
Multiple vulnerabilities were identified in Splunk Products. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution, elevation of privilege, denial of service and cross-site scripting on the targeted system.
Impact
- Cross-Site Scripting
- Denial of Service
- Elevation of Privilege
- Remote Code Execution
System / Technologies affected
- Splunk Cloud Platform: Splunk Web 9.0.2305.100 and below
- Splunk Enterprise: Splunk Web 8.2.0 to 8.2.11
- Splunk Enterprise: Splunk Web 9.0.0 to 9.0.5
- Splunk Enterprise: Splunk Web 9.1.0
Solutions
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
- https://advisory.splunk.com/advisories/SVD-2023-0801
- https://advisory.splunk.com/advisories/SVD-2023-0802
- https://advisory.splunk.com/advisories/SVD-2023-0803
- https://advisory.splunk.com/advisories/SVD-2023-0804
- https://advisory.splunk.com/advisories/SVD-2023-0805
- https://advisory.splunk.com/advisories/SVD-2023-0806
- https://advisory.splunk.com/advisories/SVD-2023-0807
Vulnerability Identifier
Source
Related Link
- https://advisory.splunk.com/advisories/SVD-2023-0801
- https://advisory.splunk.com/advisories/SVD-2023-0802
- https://advisory.splunk.com/advisories/SVD-2023-0803
- https://advisory.splunk.com/advisories/SVD-2023-0804
- https://advisory.splunk.com/advisories/SVD-2023-0805
- https://advisory.splunk.com/advisories/SVD-2023-0806
- https://advisory.splunk.com/advisories/SVD-2023-0807
Share with