CVE-2023-32715 — Vulnetix

CVE-2023-32715 PUBLISHED

In Splunk Splunk Enterprise existieren mehrere Schwachstellen. Die Ursachen sind unter anderem ungenügende Zugriffs- und Eingabekontrollen und Path-Traversal, http Response Splitting und Cross Site Scripting Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern, Daten zu manipulieren oder offenzulegen, Sicherheitsvorkehrungen zu umgehen, oder einen Denial of Service zu verursachen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion oder eine Anmeldung erforderlich.

EPSS 0.49% · 65.8th percentile

Risk Scores

EPSS Score

0.49%

65.8th percentile

Timeline

Jun 1, 2023 CVE Published
Jun 2, 2023 EPSS Score
Jul 8, 2023 EPSS Score
Aug 13, 2023 EPSS Score
Sep 18, 2023 EPSS Score
Oct 24, 2023 EPSS Score
Nov 28, 2023 EPSS Score
Jan 3, 2024 EPSS Score
Feb 8, 2024 EPSS Score
Mar 15, 2024 EPSS Score
Apr 20, 2024 EPSS Score
May 26, 2024 EPSS Score

References

https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1346.json advisory
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1346 advisory
https://www.exploit-db.com/exploits/51747 exploit
https://advisory.splunk.com//advisories/SVD-2023-0612 advisory
https://advisory.splunk.com//advisories/SVD-2023-0611 advisory
https://advisory.splunk.com//advisories/SVD-2023-0610 advisory
https://advisory.splunk.com//advisories/SVD-2023-0609 advisory
https://advisory.splunk.com//advisories/SVD-2023-0608 advisory
https://advisory.splunk.com//advisories/SVD-2023-0607 advisory
https://advisory.splunk.com//advisories/SVD-2023-0606 advisory
https://advisory.splunk.com//advisories/SVD-2023-0605 advisory
https://advisory.splunk.com//advisories/SVD-2023-0604 advisory
https://advisory.splunk.com//advisories/SVD-2023-0603 advisory
https://advisory.splunk.com//advisories/SVD-2023-0602 advisory
https://advisory.splunk.com//advisories/SVD-2023-0601 advisory

Open in Interactive Console →