In Splunk Enterprise versions below... CVE-2023-40598

- AV AC AU C I A
发布: 2023-08-30
修订: 2024-04-10

In Splunk Enterprise versions below 8.2.12, 9.0.6, and 9.1.1, an attacker can create an external lookup that calls a legacy internal function. The attacker can use this internal function to insert code into the Splunk platform installation directory. From there, a user can execute arbitrary code on the Splunk platform Instance.

0%
暂无可用Exp或PoC
当前有4条受影响产品信息