CVE-2023-32714
Vulnerability from cvelistv5
Published
2023-06-01 16:34
Modified
2024-10-30 15:05
Severity ?
EPSS score ?
Summary
Path Traversal in Splunk App for Lookup File Editing
References
Impacted products
▼ | Vendor | Product |
---|---|---|
Splunk | Splunk App for Lookup File Editing |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T15:25:36.536Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://advisory.splunk.com/advisories/SVD-2023-0608" }, { "tags": [ "x_transferred" ], "url": "https://research.splunk.com/application/8ed58987-738d-4917-9e44-b8ef6ab948a6/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Splunk App for Lookup File Editing", "vendor": "Splunk", "versions": [ { "lessThan": "4.0.1", "status": "affected", "version": "4.0", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "Torjus Bryne Retterst\u00f8l, Binary Security" } ], "datePublic": "2023-06-01T00:00:00.000000", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "In the Splunk App for Lookup File Editing versions below 4.0.1, a low-privileged user can, with a specially crafted web request, trigger a path traversal exploit that can then be used to read and write to restricted areas of the Splunk installation directory." } ], "value": "In the Splunk App for Lookup File Editing versions below 4.0.1, a low-privileged user can, with a specially crafted web request, trigger a path traversal exploit that can then be used to read and write to restricted areas of the Splunk installation directory." } ], "metrics": [ { "cvssV3_1": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-35", "description": "The software uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize \u0027.../...//\u0027 (doubled triple dot slash) sequences that can resolve to a location that is outside of that directory.", "lang": "en", "type": "cwe" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-30T15:05:50.237Z", "orgId": "42b59230-ec95-491e-8425-5a5befa1a469", "shortName": "Splunk" }, "references": [ { "url": "https://advisory.splunk.com/advisories/SVD-2023-0608" }, { "url": "https://research.splunk.com/application/8ed58987-738d-4917-9e44-b8ef6ab948a6/" } ], "source": { "advisory": "SVD-2023-0608" }, "title": "Path Traversal in Splunk App for Lookup File Editing" } }, "cveMetadata": { "assignerOrgId": "42b59230-ec95-491e-8425-5a5befa1a469", "assignerShortName": "Splunk", "cveId": "CVE-2023-32714", "datePublished": "2023-06-01T16:34:29.504Z", "dateReserved": "2023-05-11T20:55:59.872Z", "dateUpdated": "2024-10-30T15:05:50.237Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2023-32714\",\"sourceIdentifier\":\"prodsec@splunk.com\",\"published\":\"2023-06-01T17:15:10.513\",\"lastModified\":\"2024-04-10T01:15:14.490\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Splunk App for Lookup File Editing versions below 4.0.1, a low-privileged user can, with a specially crafted web request, trigger a path traversal exploit that can then be used to read and write to restricted areas of the Splunk installation directory.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\",\"baseScore\":8.1,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.2},{\"source\":\"prodsec@splunk.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\",\"baseScore\":8.1,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.2}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-22\"}]},{\"source\":\"prodsec@splunk.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-35\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*\",\"versionStartIncluding\":\"8.1.0\",\"versionEndExcluding\":\"8.1.14\",\"matchCriteriaId\":\"285DAAE6-0931-41DA-A64A-25ED6A3BE2C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*\",\"versionStartIncluding\":\"8.2.0\",\"versionEndExcluding\":\"8.2.11\",\"matchCriteriaId\":\"E924894C-6C74-4F3B-B8FC-B3FDA0F487F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*\",\"versionStartIncluding\":\"9.0.0\",\"versionEndExcluding\":\"9.0.5\",\"matchCriteriaId\":\"4FF90BE2-6E2E-41F7-A77E-7547CBDD8596\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk_app_for_lookup_file_editing:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.0.1\",\"matchCriteriaId\":\"344C7507-BAD0-45FC-B2DE-ECD2C9135EE1\"}]}]}],\"references\":[{\"url\":\"https://advisory.splunk.com/advisories/SVD-2023-0608\",\"source\":\"prodsec@splunk.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://research.splunk.com/application/8ed58987-738d-4917-9e44-b8ef6ab948a6/\",\"source\":\"prodsec@splunk.com\",\"tags\":[\"Vendor Advisory\"]}]}}" } }
Loading...
Loading...
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.