CVE-2023-40592

Name of the Vulnerable Software and Affected Versions Splunk Enterprise versions prior to 9.1.1 Splunk Enterprise versions prior to 9.0.6 Splunk Enterprise versions prior to 8.2.12

Description The issue is related to a reflected cross-site scripting (XSS) vulnerability in the Splunk Enterprise platform, specifically affecting the "/app/search/table" web endpoint. An attacker can craft a special web request to exploit this vulnerability, potentially leading to the execution of arbitrary commands on the Splunk platform instance.

Recommendations For versions prior to 9.1.1, update to version 9.1.1 or later to resolve the issue. For versions prior to 9.0.6, update to version 9.0.6 or later to resolve the issue. For versions prior to 8.2.12, update to version 8.2.12 or later to resolve the issue. As a temporary workaround, consider restricting access to the "/app/search/table" web endpoint until a patch is applied.