In Splunk Enterprise versions below 8.1.13 and 8.2.10, the ‘createrss’ external search command overwrites existing Resource Description Format Site Summary (RSS) feeds without verifying permissions. This feature has been deprecated and disabled by default.
References
Link | Resource |
---|---|
https://advisory.splunk.com/advisories/SVD-2023-0201 | Vendor Advisory |
https://research.splunk.com/application/ee69374a-d27e-4136-adac-956a96ff60fd/ | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: Splunk
Published: 2023-02-14T17:22:36.712Z
Updated: 2024-07-01T16:57:48.422Z
Reserved: 2023-01-10T21:39:55.583Z
Link: CVE-2023-22931
JSON object: View
NVD Information
Status : Modified
Published: 2023-02-14T18:15:12.063
Modified: 2024-04-10T01:15:09.737
Link: CVE-2023-22931
JSON object: View
Redhat Information
No data.