Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2023-22942

In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, a cross-site request forgery in the Splunk Secure Gateway (SSG) app in the ‘kvstore_client’ REST endpoint lets a potential attacker update SSG KV store collections using an HTTP GET request.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 19.7%
CVSS Severity
CVSS v3 Score 5.4
Products affected by CVE-2023-22942
  • Splunk » Splunk » Version: 8.1.0
    cpe:2.3:a:splunk:splunk:8.1.0
  • Splunk » Splunk » Version: 8.1.1
    cpe:2.3:a:splunk:splunk:8.1.1
  • Splunk » Splunk » Version: 8.1.12
    cpe:2.3:a:splunk:splunk:8.1.12
  • Splunk » Splunk » Version: 8.1.2
    cpe:2.3:a:splunk:splunk:8.1.2
  • Splunk » Splunk » Version: 8.1.4
    cpe:2.3:a:splunk:splunk:8.1.4
  • Splunk » Splunk » Version: 8.1.5
    cpe:2.3:a:splunk:splunk:8.1.5
  • Splunk » Splunk » Version: 8.1.6
    cpe:2.3:a:splunk:splunk:8.1.6
  • Splunk » Splunk » Version: 8.1.7
    cpe:2.3:a:splunk:splunk:8.1.7
  • Splunk » Splunk » Version: 8.2.0
    cpe:2.3:a:splunk:splunk:8.2.0
  • Splunk » Splunk » Version: 8.2.9
    cpe:2.3:a:splunk:splunk:8.2.9
  • Splunk » Splunk » Version: 9.0.0
    cpe:2.3:a:splunk:splunk:9.0.0
  • Splunk » Splunk » Version: 9.0.3
    cpe:2.3:a:splunk:splunk:9.0.3


Products
Pricing
Contact Us

Shodan ® - All rights reserved