CVE-2022-43566

{"id": "CVE-2022-43566", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "prodsec@splunk.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.3, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 2.1}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.0, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.1}]}, "published": "2022-11-04T23:15:10.080", "references": [{"url": "https://research.splunk.com/application/b6d77c6c-f011-4b03-8650-8f10edb7c4a8/", "tags": ["Exploit", "Vendor Advisory"], "source": "prodsec@splunk.com"}, {"url": "https://www.splunk.com/en_us/product-security/announcements/svd-2022-1106.html", "tags": ["Vendor Advisory"], "source": "prodsec@splunk.com"}, {"url": "https://research.splunk.com/application/b6d77c6c-f011-4b03-8650-8f10edb7c4a8/", "tags": ["Exploit", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.splunk.com/en_us/product-security/announcements/svd-2022-1106.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "prodsec@splunk.com", "description": [{"lang": "en", "value": "CWE-20"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "In Splunk Enterprise versions below 8.2.9, 8.1.12, and 9.0.2, an authenticated user can run risky commands using a more privileged user\u2019s permissions to bypass SPL safeguards for risky commands https://docs.splunk.com/Documentation/SplunkCloud/latest/Security/SPLsafeguards \u00a0in the Analytics Workspace. The vulnerability requires the attacker to phish the victim by tricking them into initiating a request within their browser. The attacker cannot exploit the vulnerability at will.\n"}, {"lang": "es", "value": "En las versiones de Splunk Enterprise anteriores a 8.2.9, 8.1.12 y 9.0.2, un usuario autenticado puede ejecutar comandos con riesgo utilizando los permisos de un usuario con m\u00e1s privilegios para evitar las protecciones de SPL para comandos con riesgo https://docs.splunk.com/ Documentaci\u00f3n/SplunkCloud/latest/Security/SPLsafeguards en el espacio de trabajo de Analytics. La vulnerabilidad requiere que el atacante realice phishing a la v\u00edctima enga\u00f1\u00e1ndola para que inicie una solicitud dentro de su navegador. El atacante no puede explotar la vulnerabilidad a voluntad."}], "lastModified": "2024-11-21T07:26:47.917", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "697F9803-FC99-4149-A4E5-55A3A8CB1D18", "versionEndExcluding": "8.1.12", "versionStartIncluding": "8.1.0"}, {"criteria": "cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "07617B0C-3704-4DB5-B416-94B77A5C2EEE", "versionEndExcluding": "8.2.9", "versionStartIncluding": "8.2.0"}, {"criteria": "cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "867EFF29-96B9-44EF-93CE-8E7DB77B086E", "versionEndExcluding": "9.0.2", "versionStartIncluding": "9.0.0"}, {"criteria": "cpe:2.3:a:splunk:splunk_cloud_platform:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "968C9207-1208-43E0-ABA5-1008BE594FDF", "versionEndExcluding": "9.0.2208"}], "operator": "OR"}]}], "sourceIdentifier": "prodsec@splunk.com"}