CVE-2023-22937

Published: Feb 14, 2023Modified: Nov 21, 2024

4.3

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Exploitability: 2.8 / Impact: 1.4

Source: NVD

Description

In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the lookup table upload feature let a user upload lookup tables with unnecessary filename extensions. Lookup table file extensions may now be one of the following only: .csv, .csv.gz, .kmz, .kml, .mmdb, or .mmdb.gzl.

Affected (4)

Products: Splunk: Splunk, Splunk Cloud Platform

2 products

Splunk Cloud Platform

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Splunk Splunk	From 8.1.0 to 8.1.13
Splunk Splunk	From 8.2.0 to 8.2.10
Splunk Splunk	From 9.0.0 to 9.0.4
Splunk Splunk Cloud Platform	Before 9.0.2209.3

Related CWEs

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Unrestricted Upload of File with Dangerous Type

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

References (4)

https://advisory.splunk.com/advisories/SVD-2023-0207

Source: prodsec@splunk.com

MitigationVendor Advisory

https://research.splunk.com/application/b7d1293f-e78f-415e-b5f6-443df3480082/

Source: prodsec@splunk.com

Vendor Advisory

https://advisory.splunk.com/advisories/SVD-2023-0207

Source: af854a3a-2127-422b-91ae-364da2661108

MitigationVendor Advisory

https://research.splunk.com/application/b7d1293f-e78f-415e-b5f6-443df3480082/

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.