Advertisement
Top
image credit: Unsplash

PoC for Splunk Enterprise RCE flaw released (CVE-2023-46214)

November 27, 2023

Via: Help Net Security
Category:

A proof-of-concept (PoC) exploit for a high-severity flaw in Splunk Enterprise (CVE-2023-46214) that can lead to remote code execution has been made public.

Users are advised to implement the provided patches or workarounds quickly.

About CVE-2023-46214

Splunk Enterprise is a solution that ingests a variety of data generated by an organization’s business infrastructure and applications. This data is used to generate helpful insights for improving the organization’s security and compliance, application delivery, IT operations, and more.

CVE-2023-46214 stems from Splunk Enterprise’s failure to safely sanitize extensible stylesheet language transformations (XSLT) that users supply.

Read More on Help Net Security

RELATED PUBLICATIONS

Google fixed critical Chrome vulnerability CVE-2024-4058
AI set to play key role in future phishing attacks
U.S. Gov imposed Visa restrictions on 13 individuals linked to commercial spyware activity

Latest Publications

Sweden’s liquor supply severely impacted by ransomware attack on logistics company
Autodesk Drive Abused in Phishing Attacks 
Google fixed critical Chrome vulnerability CVE-2024-4058
Security Curated Copyright © 2024. All rights reserved
Go to ITCurated!