
The most severe of the bugs resolved in Splunk Enterprise this month is CVE-2023-40595 (CVSS score of 8.8), which is described as a remote code execution issue exploitable using crafted queries.
“The exploit requires the use of the collect SPL command which writes a file within the Splunk Enterprise installation. The attacker can then use this file to submit a serialized payload that can result in execution of code within the payload,” Splunk explains in an advisory.
Next in line is CVE-2023-40598, a command injection vulnerability impacting a legacy internal function, which could be exploited to execute arbitrary code.