CVE-2023-40592: Cross-site Scripting in Cloud

Severity
NVD: 6.1 MEDIUM
CNA: 8.4
EPSS: 0.3% (top 49.29%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline
Published: Aug 30

Description

In Splunk Enterprise versions below 9.1.1, 9.0.6, and 8.2.12, an attacker can craft a special web request that can result in reflected cross-site scripting (XSS) on the “/app/search/table” web endpoint. Exploitation of this vulnerability can lead to the execution of arbitrary commands on the Splunk platform instance.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Exploitability: 2.8 | Impact: 2.7

Affected Packages (4 packages)

CVEListV5 | splunk/splunk_enterprise | 8.2 | 8.2.12 | +2
NVD | splunk/splunk | 8.2.0 | 8.2.12 | +2
CVEListV5 | splunk/splunk_cloud | - | 9.0.2305.200

Vulnerability Details (2)

GHSA: GHSA-8gcf-q856-6j97: In Splunk Enterprise versions below 9 (2023-08-30)
CVEList: Reflected Cross-site Scripting (XSS) on "/app/search/table" web endpoint (2023-08-30)