CVE-2023-32709 — Vulnetix

CVE-2023-32709 PUBLISHED

In Splunk Splunk Enterprise existieren mehrere Schwachstellen. Die Ursachen sind unter anderem ungenügende Zugriffs- und Eingabekontrollen und Path-Traversal, http Response Splitting und Cross Site Scripting Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern, Daten zu manipulieren oder offenzulegen, Sicherheitsvorkehrungen zu umgehen, oder einen Denial of Service zu verursachen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion oder eine Anmeldung erforderlich.

EPSS 0.20% · 41.6th percentile

Risk Scores

EPSS Score

0.20%

41.6th percentile

Exploit Intelligence

Timeline

Jun 1, 2023 CVE Published
Jun 2, 2023 EPSS Score
Jul 8, 2023 EPSS Score
Aug 13, 2023 EPSS Score
Sep 18, 2023 EPSS Score
Oct 24, 2023 EPSS Score
Nov 29, 2023 EPSS Score
Jan 4, 2024 EPSS Score
Feb 9, 2024 EPSS Score
Mar 16, 2024 EPSS Score
Apr 21, 2024 EPSS Score
May 27, 2024 EPSS Score

References

https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1346.json advisory
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1346 advisory
https://www.exploit-db.com/exploits/51747 exploit
https://advisory.splunk.com//advisories/SVD-2023-0612 advisory
https://advisory.splunk.com//advisories/SVD-2023-0611 advisory
https://advisory.splunk.com//advisories/SVD-2023-0610 advisory
https://advisory.splunk.com//advisories/SVD-2023-0609 advisory
https://advisory.splunk.com//advisories/SVD-2023-0608 advisory
https://advisory.splunk.com//advisories/SVD-2023-0607 advisory
https://advisory.splunk.com//advisories/SVD-2023-0606 advisory
https://advisory.splunk.com//advisories/SVD-2023-0605 advisory
https://advisory.splunk.com//advisories/SVD-2023-0604 advisory
https://advisory.splunk.com//advisories/SVD-2023-0603 advisory
https://advisory.splunk.com//advisories/SVD-2023-0602 advisory
https://advisory.splunk.com//advisories/SVD-2023-0601 advisory

Open in Interactive Console →