CVE-2022-43566
- Reference to the description:
- Description:
- In Splunk Enterprise versions below 8.2.9, 8.1.12, and 9.0.2, an authenticated user can run risky commands using a more privileged user’s permissions to bypass SPL safeguards for risky commands https://docs.splunk.com/Documentation/SplunkCloud/latest/Security/SPLsafeguards in the Analytics Workspace. The vulnerability requires the attacker to phish the victim by tricking them into initiating a request within their browser. The attacker cannot exploit the vulnerability at will.
- Last updated date:
- 06/27/2023
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 11/08/2022
- Reference url to background
https://research.splunk.com/application/b6d77c6c-f011-4b03-8650-8f10edb7c4a8/