cvelist / Splunk / CVELIST:CVE-2023-40594
Aug 30, 2023 - 4:19 p.m.

CVE-2023-40594 Denial of Service (DoS) via the ‘printf’ Search Function

2023-08-30 16:19:40
Splunk
www.cve.org
Tags: cve-2023-40594, dos, printf, search function, splunk enterprise, version lower, 8.2.12, 9.0.6, 9.1.1, attacker, denial of service, instance

CVSS3: 6.5 Medium

Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: CHANGED
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

EPSS: 0.0005 Low
Percentile: 17.0%

In Splunk Enterprise versions lower than 8.2.12, 9.0.6, and 9.1.1, an attacker can use the printf SPL function to perform a denial of service (DoS) against the Splunk Enterprise instance.

CNA Affected

[
  {
    "product": "Splunk Enterprise",
    "vendor": "Splunk",
    "versions": [
      {
        "version": "8.2",
        "status": "affected",
        "versionType": "custom",
        "lessThan": "8.2.12"
      },
      {
        "version": "9.0",
        "status": "affected",
        "versionType": "custom",
        "lessThan": "9.0.6"
      },
      {
        "version": "9.1",
        "status": "affected",
        "versionType": "custom",
        "lessThan": "9.1.1"
      }
    ]
  },
  {
    "product": "Splunk Cloud",
    "vendor": "Splunk",
    "versions": [
      {
        "version": "-",
        "status": "affected",
        "versionType": "custom",
        "lessThan": "9.0.2303.100"
      }
    ]
  }
]
