Vulnerability Description
In Splunk Enterprise versions below 9.0.7 and 9.1.2, Splunk Enterprise does not safely sanitize extensible stylesheet language transformations (XSLT) that users supply. This means that an attacker can upload malicious XSLT which can result in remote code execution on the Splunk Enterprise instance.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Splunk | Cloud | < 9.1.2308 |
| Splunk | Splunk | >= 9.0.0, < 9.0.7 |
Related Weaknesses (CWE)
References
- https://advisory.splunk.com/advisories/SVD-2023-1104Vendor Advisory
- https://research.splunk.com/application/6cb7e011-55fb-48e3-a98d-164fa854e37e/Vendor Advisory
- https://research.splunk.com/application/a053e6a6-2146-483a-9798-2d43652f3299/Vendor Advisory
- https://advisory.splunk.com/advisories/SVD-2023-1104Vendor Advisory
- https://research.splunk.com/application/6cb7e011-55fb-48e3-a98d-164fa854e37e/Vendor Advisory
- https://research.splunk.com/application/a053e6a6-2146-483a-9798-2d43652f3299/Vendor Advisory
FAQ
What is CVE-2023-46214?
CVE-2023-46214 is a vulnerability with a CVSS score of 8.0 (HIGH). In Splunk Enterprise versions below 9.0.7 and 9.1.2, Splunk Enterprise does not safely sanitize extensible stylesheet language transformations (XSLT) that users supply. This means that an attacker can...
How severe is CVE-2023-46214?
CVE-2023-46214 has been rated HIGH with a CVSS base score of 8.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-46214?
Check the references section above for vendor advisories and patch information. Affected products include: Splunk Cloud, Splunk Splunk.