CVE-2023-46214

CVSS v3 8.0 HIGH

8.0^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.3 / Impact : 6.0

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope CHANGED

I

n Splunk Enterprise versions below 9.0.7 and 9.1.2, Splunk Enterprise does not safely sanitize extensible stylesheet language transformations (XSLT) that users supply. This means that an attacker can upload malicious XSLT which can result in remote code execution on the Splunk Enterprise instance.

References

Link	Resource
https://advisory.splunk.com/advisories/SVD-2023-1104	Vendor Advisory
https://research.splunk.com/application/6cb7e011-55fb-48e3-a98d-164fa854e37e/	Vendor Advisory
https://research.splunk.com/application/a053e6a6-2146-483a-9798-2d43652f3299/	Vendor Advisory
https://advisory.splunk.com/advisories/SVD-2023-1104	Vendor Advisory
https://research.splunk.com/application/6cb7e011-55fb-48e3-a98d-164fa854e37e/	Vendor Advisory
https://research.splunk.com/application/a053e6a6-2146-483a-9798-2d43652f3299/	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:splunk:cloud::::::::
	cpe:2.3:a:splunk:splunk:::::enterprise:::*
	cpe:2.3:a:splunk:splunk:::::enterprise:::*

History

21 Nov 2024, 08:28

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~8.8~~	v2 : unknown v3 : 8.0
References	~~() https://advisory.splunk.com/advisories/SVD-2023-1104 - Vendor Advisory~~	() https://advisory.splunk.com/advisories/SVD-2023-1104 - Vendor Advisory
References	~~() https://research.splunk.com/application/6cb7e011-55fb-48e3-a98d-164fa854e37e/ - Vendor Advisory~~	() https://research.splunk.com/application/6cb7e011-55fb-48e3-a98d-164fa854e37e/ - Vendor Advisory
References	~~() https://research.splunk.com/application/a053e6a6-2146-483a-9798-2d43652f3299/ - Vendor Advisory~~	() https://research.splunk.com/application/a053e6a6-2146-483a-9798-2d43652f3299/ - Vendor Advisory

Information

Published : 2023-11-16 21:15

Updated : 2024-11-21 08:28

NVD link : CVE-2023-46214

Mitre link : CVE-2023-46214

CVE.ORG link : CVE-2023-46214

JSON object : View

Products Affected

cloud
splunk

CWE

CWE-91

XML Injection (aka Blind XPath Injection)

{"id": "CVE-2023-46214", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.0, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 1.3}, {"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2023-11-16T21:15:08.630", "references": [{"url": "https://advisory.splunk.com/advisories/SVD-2023-1104", "tags": ["Vendor Advisory"], "source": "[email protected]"}, {"url": "https://research.splunk.com/application/6cb7e011-55fb-48e3-a98d-164fa854e37e/", "tags": ["Vendor Advisory"], "source": "[email protected]"}, {"url": "https://research.splunk.com/application/a053e6a6-2146-483a-9798-2d43652f3299/", "tags": ["Vendor Advisory"], "source": "[email protected]"}, {"url": "https://advisory.splunk.com/advisories/SVD-2023-1104", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://research.splunk.com/application/6cb7e011-55fb-48e3-a98d-164fa854e37e/", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://research.splunk.com/application/a053e6a6-2146-483a-9798-2d43652f3299/", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-91"}]}, {"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-91"}]}], "descriptions": [{"lang": "en", "value": "In Splunk Enterprise versions below 9.0.7 and 9.1.2, Splunk Enterprise does not safely sanitize extensible stylesheet language transformations (XSLT) that users supply. This means that an attacker can upload malicious XSLT which can result in remote code execution on the Splunk Enterprise instance."}, {"lang": "es", "value": "En las versiones de Splunk Enterprise inferiores a 9.0.7 y 9.1.2, Splunk Enterprise no sanitiza de forma segura las transformaciones de lenguaje de hojas de estilo extensibles (XSLT) que proporcionan los usuarios. Esto significa que un atacante puede cargar XSLT malicioso, lo que puede provocar la ejecuci\u00f3n remota de c\u00f3digo en la instancia de Splunk Enterprise."}], "lastModified": "2024-11-21T08:28:05.150", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:splunk:cloud:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9DD1990F-262A-4EE8-B2CB-15D460FE0A09", "versionEndExcluding": "9.1.2308"}, {"criteria": "cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "6F8221CD-BD35-4F7E-99D7-DC3D6458CF3B", "versionEndExcluding": "9.0.7", "versionStartIncluding": "9.0.0"}, {"criteria": "cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "1FBA35E0-60C0-444F-A544-8AA9C80FF94B", "versionEndExcluding": "9.1.2", "versionStartIncluding": "9.1.0"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}