Lucene search

SplunkCVELIST:CVE-2023-46213

HistoryNov 16, 2023 - 8:15 p.m.

CVE-2023-46213 Cross-site Scripting (XSS) on “Show Syntax Highlighted” View in Search Page

2023-11-1620:15:46

Splunk

www.cve.org

cve-2023-46213; cross-site scripting; splunk enterprise; ineffective escaping; unauthorized code execution; web browser

4.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

5.6 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

18.2%

JSON

In Splunk Enterprise versions below 9.0.7 and 9.1.2, ineffective escaping in the “Show syntax Highlighted” feature can result in the execution of unauthorized code in a user’s web browser.

CNA Affected

[
  {
    "product": "Splunk Enterprise",
    "vendor": "Splunk",
    "versions": [
      {
        "version": "9.0",
        "status": "affected",
        "versionType": "custom",
        "lessThan": "9.0.7"
      },
      {
        "version": "9.1",
        "status": "affected",
        "versionType": "custom",
        "lessThan": "9.1.2"
      }
    ]
  },
  {
    "product": "Splunk Cloud",
    "vendor": "Splunk",
    "versions": [
      {
        "version": "-",
        "status": "affected",
        "versionType": "custom",
        "lessThan": "9.1.2308"
      }
    ]
  }
]

References

advisory.splunk.com/advisories/SVD-2023-1103

research.splunk.com/application/1030bc63-0b37-4ac9-9ae0-9361c955a3cc/