In Splunk Enterprise versions below 8.2.9, 8.1.12, and 9.0.2, an authenticated user can run arbitrary operating system commands remotely through the use of specially crafted requests to the mobile alerts feature in the Splunk Secure Gateway app.
References
Link | Resource |
---|---|
https://research.splunk.com/application/baa41f09-df48-4375-8991-520beea161be/ | Exploit Vendor Advisory |
https://www.splunk.com/en_us/product-security/announcements/svd-2022-1107.html | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
07 Nov 2023, 03:53
Type | Values Removed | Values Added |
---|---|---|
Summary | In Splunk Enterprise versions below 8.2.9, 8.1.12, and 9.0.2, an authenticated user can run arbitrary operating system commands remotely through the use of specially crafted requests to the mobile alerts feature in the Splunk Secure Gateway app. |
06 Jul 2023, 14:47
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-502 |
08 Nov 2022, 20:21
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
First Time |
Splunk
Splunk splunk Splunk splunk Cloud Platform |
|
CWE | NVD-CWE-noinfo | |
References | (MISC) https://research.splunk.com/application/baa41f09-df48-4375-8991-520beea161be/ - Exploit, Vendor Advisory | |
References | (MISC) https://www.splunk.com/en_us/product-security/announcements/svd-2022-1107.html - Vendor Advisory | |
CPE | cpe:2.3:a:splunk:splunk_cloud_platform:*:*:*:*:*:*:*:* cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:* |
04 Nov 2022, 23:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-11-04 23:15
Updated : 2023-12-10 14:35
NVD link : CVE-2022-43567
Mitre link : CVE-2022-43567
CVE.ORG link : CVE-2022-43567
JSON object : View
Products Affected
splunk
- splunk_cloud_platform
- splunk
CWE
CWE-502
Deserialization of Untrusted Data