Description
In Splunk Enterprise versions lower than 8.2.12, 9.0.6, and 9.1.1, an attacker can exploit an absolute path traversal to execute arbitrary code that is located on a separate disk.
CVSS breakdown
CVSS 3.1
- Attack Vector: Local
- Attack Complexity: High
- Privileges Required: Low
- User Interaction: None
- Scope: Changed
- Confidentiality: High
- Integrity: High
- Availability: High
Affected products
- Splunk / Splunk Cloud 9.0.2305.200
- Splunk / Splunk Enterprise 8.2 – 8.2.12
- Splunk / Splunk Enterprise 9.0 – 9.0.6
- Splunk / Splunk Enterprise 9.1 – 9.1.1