CVE-2022-43561 — Vulnetix

CVE-2022-43561 PUBLISHED CVSS 8.699999809265137 HIGH

In Splunk Enterprise existieren mehrere Schwachstellen. Ein entfernter anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um Code zur Ausführung zu bringen, Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen, Daten zu manipulieren oder einen Denial of Service zu verursachen. Zur Ausnutzung einiger Schwachstellen ist eine Interaktion des Opfers notwendig.

EPSS 0.20% · 41.9th percentile

Risk Scores

CVSS 4.0

8.699999809265137

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

EPSS Score

0.20%

41.9th percentile

Exploit Intelligence

https://research.splunk.com/application/a974d1ee-ddca-4837-b6ad-d55a8a239c20/ (nist-nvd)
https://www.splunk.com/en_us/product-security/announcements/svd-2022-1101.html (circl)

Timeline

Nov 2, 2022 CVE Published
Nov 4, 2022 EPSS Score
Dec 17, 2022 EPSS Score
Jan 29, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 14, 2023 EPSS Score
Apr 26, 2023 EPSS Score
Jun 8, 2023 EPSS Score
Jul 21, 2023 EPSS Score
Sep 2, 2023 EPSS Score
Oct 16, 2023 EPSS Score
Nov 28, 2023 EPSS Score

References

https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-1950.json advisory
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1950 advisory
https://psytester.github.io/CVE-2022-43571_SPLUNK_RCE/ advisory
https://www.splunk.com/en_us/product-security/announcements/svd-2022-1101.html advisory
https://www.splunk.com/en_us/product-security/announcements/svd-2022-1102.html advisory
https://www.splunk.com/en_us/product-security/announcements/svd-2022-1103.html advisory
https://www.splunk.com/en_us/product-security/announcements/svd-2022-1104.html advisory
https://www.splunk.com/en_us/product-security/announcements/svd-2022-1105.html advisory
https://www.splunk.com/en_us/product-security/announcements/svd-2022-1106.html advisory
https://www.splunk.com/en_us/product-security/announcements/svd-2022-1107.html advisory
https://www.splunk.com/en_us/product-security/announcements/svd-2022-1108.html advisory
https://www.splunk.com/en_us/product-security/announcements/svd-2022-1109.html advisory
https://www.splunk.com/en_us/product-security/announcements/svd-2022-1110.html advisory
https://www.splunk.com/en_us/product-security/announcements/svd-2022-1111.html advisory
https://www.splunk.com/en_us/product-security/announcements/svd-2022-1112.html advisory
https://www.splunk.com/en_us/product-security/announcements/svd-2022-1113.html advisory

Open in Interactive Console →