CVE-2023-40596Improper Initialization in Enterprise

CWE-665Improper InitializationCWE-427Uncontrolled Search Path Element3 documents3 sources
Severity
8.8HIGHNVD
CNA7.0
EPSS
0.1%
top 84.32%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Splunk EnterpriseSplunk
Timeline
PublishedAug 30

Description

In Splunk Enterprise versions earlier than 8.2.12, 9.0.6, and 9.1.1, a dynamic link library (DLL) that ships with Splunk Enterprise references an insecure path for the OPENSSLDIR build definition. An attacker can abuse this reference and subsequently install malicious code to achieve privilege escalation on the Windows machine.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:HExploitability: 2.0 | Impact: 6.0

Affected Packages2 packages

CVEListV5splunk/splunk_enterprise8.28.2.12+2
NVDsplunk/splunk8.2.08.2.12+2

🔴Vulnerability Details

2
CVEList
Splunk Enterprise on Windows Privilege Escalation due to Insecure OPENSSLDIR Build Definition Reference in DLL2023-08-30
GHSA
GHSA-mwr4-hjv7-wjrh: In Splunk Enterprise versions earlier than 82023-08-30
CVE-2023-40596 — Improper Initialization in Splunk | cvebase