PT-2023-18780 · Splunk · Splunk Enterprise
Published
2023-02-14
·
Updated
2024-04-10
·
CVE-2023-22937
CVSS v3.1
4.3
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Splunk Enterprise versions prior to 8.1.13
Splunk Enterprise versions prior to 8.2.10
Splunk Enterprise versions prior to 9.0.4
Description
The lookup table upload feature in Splunk Enterprise allowed users to upload lookup tables with unnecessary filename extensions. Now, only specific filename extensions are permitted, including .csv, .csv.gz, .kmz, .kml, .mmdb, or .mmdb.gzl.
Recommendations
For versions prior to 8.1.13, update to version 8.1.13 or later to resolve the issue.
For versions prior to 8.2.10, update to version 8.2.10 or later to resolve the issue.
For versions prior to 9.0.4, update to version 9.0.4 or later to resolve the issue.
Fix
Unrestricted File Upload
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Splunk Enterprise