CVE-2023-40596
30.08.2023, 17:15
In Splunk Enterprise versions earlier than 8.2.12, 9.0.6, and 9.1.1, a dynamic link library (DLL) that ships with Splunk Enterprise references an insecure path for the OPENSSLDIR build definition. An attacker can abuse this reference and subsequently install malicious code to achieve privilege escalation on the Windows machine.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| splunk | splunk | 8.2.0 ≤ 𝑥 < 8.2.12 |
| splunk | splunk | 9.0.0 ≤ 𝑥 < 9.0.6 |
| splunk | splunk | 9.1.0 |
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
| Vendor | Product | Version | Source |
|---|---|---|---|
| splunk | splunk | 8.2 ≤ 𝑥 < 8.2.12 | ADP |
| splunk | splunk | 9.0 ≤ 𝑥 < 9.0.6 | ADP |
| splunk | splunk | 9.1 ≤ 𝑥 < 9.1.1 | ADP |
Common Weakness Enumeration
- CWE-665 - Improper InitializationThe software does not initialize or incorrectly initializes a resource, which might leave the resource in an unexpected state when it is accessed or used.
- CWE-427 - Uncontrolled Search Path ElementThe product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.