We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
Assigner | Splunk |
Reserved | 2023-01-10 |
Published | 2023-02-14 |
Updated | 2024-10-30 |
In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘pivot’ search processing language (SPL) command lets a search bypass SPL safeguards for risky commands using a saved search job. The vulnerability requires an authenticated user to craft the saved job and a higher privileged user to initiate a request within their browser.
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N |
Anton (therceman)
https://advisory.splunk.com/advisories/SVD-2023-0204
https://research.splunk.com/application/ee69374a-d27e-4136-adac-956a96ff60fd