CVE-2023-32709 — Vulnetix

Try Vulnetix Request Demo

CVE-2023-32709 PUBLISHED

In Splunk Splunk Enterprise existieren mehrere Schwachstellen. Die Ursachen sind unter anderem ungenügende Zugriffs- und Eingabekontrollen und Path-Traversal, http Response Splitting und Cross Site Scripting Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern, Daten zu manipulieren oder offenzulegen, Sicherheitsvorkehrungen zu umgehen, oder einen Denial of Service zu verursachen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion oder eine Anmeldung erforderlich.

EPSS 0.21% · 42.5th percentile

Risk Scores

EPSS Score

0.21%

42.5th percentile

Timeline

Jun 1, 2023 CVE Published
Jun 2, 2023 EPSS Score
Jul 7, 2023 EPSS Score
Aug 12, 2023 EPSS Score
Sep 16, 2023 EPSS Score
Oct 22, 2023 EPSS Score
Nov 26, 2023 EPSS Score
Dec 31, 2023 EPSS Score
Feb 5, 2024 EPSS Score
Mar 11, 2024 EPSS Score
Apr 15, 2024 EPSS Score
May 21, 2024 EPSS Score

References

https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1346.json advisory
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1346 advisory
https://www.exploit-db.com/exploits/51747 exploit
https://advisory.splunk.com//advisories/SVD-2023-0612 advisory
https://advisory.splunk.com//advisories/SVD-2023-0611 advisory
https://advisory.splunk.com//advisories/SVD-2023-0610 advisory
https://advisory.splunk.com//advisories/SVD-2023-0609 advisory
https://advisory.splunk.com//advisories/SVD-2023-0608 advisory
https://advisory.splunk.com//advisories/SVD-2023-0607 advisory
https://advisory.splunk.com//advisories/SVD-2023-0606 advisory
https://advisory.splunk.com//advisories/SVD-2023-0605 advisory
https://advisory.splunk.com//advisories/SVD-2023-0604 advisory
https://advisory.splunk.com//advisories/SVD-2023-0603 advisory
https://advisory.splunk.com//advisories/SVD-2023-0602 advisory
https://advisory.splunk.com//advisories/SVD-2023-0601 advisory

Open in Interactive Console →