Vulnerability Description
In Splunk Enterprise versions below 8.2.9, 8.1.12, and 9.0.2, an authenticated user can run arbitrary operating system commands remotely through the use of specially crafted requests to the mobile alerts feature in the Splunk Secure Gateway app.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Splunk | Splunk | >= 8.1.0, < 8.1.12 |
| Splunk | Splunk Cloud Platform | < 9.0.2205 |
Related Weaknesses (CWE)
References
- https://research.splunk.com/application/baa41f09-df48-4375-8991-520beea161be/ExploitVendor Advisory
- https://www.splunk.com/en_us/product-security/announcements/svd-2022-1107.htmlVendor Advisory
- https://research.splunk.com/application/baa41f09-df48-4375-8991-520beea161be/ExploitVendor Advisory
- https://www.splunk.com/en_us/product-security/announcements/svd-2022-1107.htmlVendor Advisory
FAQ
What is CVE-2022-43567?
CVE-2022-43567 is a vulnerability with a CVSS score of 8.8 (HIGH). In Splunk Enterprise versions below 8.2.9, 8.1.12, and 9.0.2, an authenticated user can run arbitrary operating system commands remotely through the use of specially crafted requests to the mobile ale...
How severe is CVE-2022-43567?
CVE-2022-43567 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-43567?
Check the references section above for vendor advisories and patch information. Affected products include: Splunk Splunk, Splunk Splunk Cloud Platform.