Splunk Patches 9 Enterprise Product High-Severity Vulnerabilities

Splunk announced on November 2 the release of a new set of quarterly patches for Splunk Enterprise, which include fixes for nine high-severity vulnerabilities.

These security flaws are classified as remote code execution (RCE), XML external entity (XXE) injection, and reflected cross-site scripting (XSS) bugs and have a CVSS score of 8.8. The RCE vulnerabilities, identified as CVE-2022-43571 and CVE-2022-43567, allow authenticated attackers to execute code by sending crafted requests to the mobile alerts feature of the Splunk Secure Gateway app or by using the dashboard PDF generation component.

The XXE injection vulnerability, CVE-2022-43570, can cause Splunk Web to embed incorrect documents into an error.
