
PoC for Splunk Enterprise RCE flaw released (CVE-2023-46214)

November 27, 2023

A proof-of-concept (PoC) exploit for a high-severity flaw in Splunk Enterprise (CVE-2023-46214) that can lead to remote code execution has been made public.

Users are advised to implement the provided patches or workarounds quickly.

About CVE-2023-46214

Splunk Enterprise is a solution that ingests a variety of data generated by an organization’s business infrastructure and applications. This data is used to generate helpful insights for improving the organization’s security and compliance, application delivery, IT operations, and more.

CVE-2023-46214 stems from Splunk Enterprise’s failure to safely sanitize extensible stylesheet language transformations (XSLT) that users supply.

Read More on Help Net Security