CVE-2023-40597

Name of the Vulnerable Software and Affected Versions Splunk Enterprise versions prior to 8.2.12 Splunk Enterprise versions prior to 9.0.6 Splunk Enterprise versions prior to 9.1.1

Description The issue is related to an absolute path traversal that can be exploited to execute arbitrary code located on a separate disk. It is also associated with incorrect restriction of directory path names in the Splunk Web interface, which can allow an attacker to execute arbitrary code using the runshellscript.py script.

Recommendations For versions prior to 8.2.12, update to version 8.2.12 or later. For versions prior to 9.0.6, update to version 9.0.6 or later. For versions prior to 9.1.1, update to version 9.1.1 or later.