CVE Vulnerability
CVE-2023-22931
In Splunk Enterprise versions below 8.1.13 and 8.2.10, the ‘createrss’ external search command overwrites existing Resource Description Format Site Summary (RSS) feeds without verifying permissions. This feature has been deprecated and disabled by default.
References
| Link | Resource |
|---|---|
| https://advisory.splunk.com/advisories/SVD-2023-0201 | Vendor Advisory |
| https://research.splunk.com/application/ee69374a-d27e-4136-adac-956a96ff60fd/ | Vendor Advisory |
Configurations
Configuration 1
|
Information
Published : 2023-02-14 06:15
Updated : 2023-02-23 02:28
NVD link : CVE-2023-22931
Mitre link : CVE-2023-22931
Products Affected
No products.
CWE
No CWE.