In Splunk Enterprise versions below 8.2.12, 9.0.6, and 9.1.1, an attacker can create an external lookup that calls a legacy internal function. The attacker can use this internal function to insert code into the Splunk platform installation directory. From there, a user can execute arbitrary code on the Splunk platform Instance.
Metrics
Affected Vendors & Products
References
History
Tue, 03 Dec 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: Splunk
Published: 2023-08-30T16:19:28.135Z
Updated: 2024-12-10T18:00:45.557Z
Reserved: 2023-08-16T22:07:52.838Z
Link: CVE-2023-40598
Vulnrichment
Updated: 2024-08-02T18:38:50.310Z
NVD
Status : Modified
Published: 2023-08-30T17:15:10.267
Modified: 2024-11-21T08:19:47.817
Link: CVE-2023-40598
Redhat
No data.