Advertisement
Top
image credit: Rawpixel

Splunk Enterprise Updates Patch High-Severity Vulnerabilities

February 15, 2023

Via: Security Week
Category:

The most severe vulnerabilities are CVE-2023-22939 and CVE-2023-22935 (CVSS score of 8.1), two issues that could lead to the bypass of search processing language (SPL) safeguards for risky commands. Both flaws affect instances with Splunk Web enabled and require a high-privileged user to make a request in their browser.

CVE-2023-22934, another SPL safeguards bypass in Splunk Enterprise, requires an authenticated user to craft a saved job before a request is made in the browser.

Read More on Security Week

RELATED PUBLICATIONS

Hackers Exploit OpenMetadata Flaws to Mine Crypto on Kubernetes
OpenAI’s GPT-4 can exploit real vulnerabilities by reading security advisories
Hugging Face says it fixed some worrying security issues, moves to boost online protection

Latest Publications

Google fixed critical Chrome vulnerability CVE-2024-4058
North Korean Hackers Hijack Antivirus Updates for Malware Delivery
AI set to play key role in future phishing attacks
Security Curated Copyright © 2024. All rights reserved
Go to ITCurated!