CVE-2023-40592
CVSS V2 None
CVSS V3 None
Description
In Splunk Enterprise versions below 9.1.1, 9.0.6, and 8.2.12, an attacker can craft a special web request that can result in reflected cross-site scripting (XSS) on the “/app/search/table” web endpoint. Exploitation of this vulnerability can lead to the execution of arbitrary commands on the Splunk platform instance.
Overview
- CVE ID
- CVE-2023-40592
- Assigner
- Splunk
- Vulnerability Status
- PUBLISHED
- Published Version
- 2023-08-30T16:19:38.525Z
- Last Modified Date
- 2024-04-10T00:53:10.840Z
Weakness Enumerations
References
Sources
Source Name | Source URL |
---|---|
NIST | https://nvd.nist.gov/vuln/detail/CVE-2023-40592 |
MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40592 |
History
Created | Old Value | New Value | Data Type | Notes |
---|---|---|---|---|
2024-06-25 02:41:49 | Added to TrackCVE |