In Splunk Enterprise versions below 8.1.13 and 8.2.10, the ‘createrss’ external search command overwrites existing Resource Description Format Site Summary (RSS) feeds without verifying permissions. This feature has been deprecated and disabled by default.
References
Link | Resource |
---|---|
https://advisory.splunk.com/advisories/SVD-2023-0201 | Vendor Advisory |
https://research.splunk.com/application/ee69374a-d27e-4136-adac-956a96ff60fd/ | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
23 Feb 2023, 14:28
Type | Values Removed | Values Added |
---|---|---|
First Time |
Splunk splunk
Splunk splunk Cloud Platform Splunk |
|
CPE | cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:* cpe:2.3:a:splunk:splunk_cloud_platform:*:*:*:*:*:*:*:* |
|
CWE | CWE-276 | |
References | (MISC) https://advisory.splunk.com/advisories/SVD-2023-0201 - Vendor Advisory | |
References | (MISC) https://research.splunk.com/application/ee69374a-d27e-4136-adac-956a96ff60fd/ - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 4.3 |
14 Feb 2023, 18:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-02-14 18:15
Updated : 2024-04-10 01:15
NVD link : CVE-2023-22931
Mitre link : CVE-2023-22931
CVE.ORG link : CVE-2023-22931
JSON object : View
Products Affected
splunk
- splunk_cloud_platform
- splunk