CVE-2023-40596

In Splunk Enterprise versions earlier than 8.2.12, 9.0.6, and 9.1.1, a dynamic link library (DLL) that ships with Splunk Enterprise references an insecure path for the OPENSSLDIR build definition. An attacker can abuse this reference and subsequently install malicious code to achieve privilege escalation on the Windows machine.

CVSS v3 7.0 HIGH

7.0^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.0 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity HIGH

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://advisory.splunk.com/advisories/SVD-2023-0805	Vendor Advisory
https://advisory.splunk.com/advisories/SVD-2023-0805	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:a:splunk:splunk:::::enterprise:::*
	cpe:2.3:a:splunk:splunk:::::enterprise:::*
	cpe:2.3:a:splunk:splunk:9.1.0::::enterprise:::

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

History

21 Nov 2024, 08:19

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~8.8~~	v2 : unknown v3 : 7.0
References	~~() https://advisory.splunk.com/advisories/SVD-2023-0805 - Vendor Advisory~~	() https://advisory.splunk.com/advisories/SVD-2023-0805 - Vendor Advisory

01 Sep 2023, 13:37

Type	Values Removed	Values Added
CWE		CWE-427
References	~~(MISC) https://advisory.splunk.com/advisories/SVD-2023-0805 -~~	(MISC) https://advisory.splunk.com/advisories/SVD-2023-0805 - Vendor Advisory
CPE		cpe:2.3:a:splunk:splunk:::::enterprise:::* cpe:2.3:a:splunk:splunk:9.1.0::::enterprise::: cpe:2.3:o:microsoft:windows:-:::::::*
First Time		Splunk Splunk splunk Microsoft windows Microsoft
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 8.8

30 Aug 2023, 17:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-08-30 17:15

Updated : 2024-11-21 08:19

NVD link : CVE-2023-40596

Mitre link : CVE-2023-40596

CVE.ORG link : CVE-2023-40596

JSON object : View

Products Affected

microsoft

windows

splunk

splunk

CWE

CWE-665

Improper Initialization

CWE-427

Uncontrolled Search Path Element

{"id": "CVE-2023-40596", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "prodsec@splunk.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.0, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.0}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 2.0}]}, "published": "2023-08-30T17:15:10.103", "references": [{"url": "https://advisory.splunk.com/advisories/SVD-2023-0805", "tags": ["Vendor Advisory"], "source": "prodsec@splunk.com"}, {"url": "https://advisory.splunk.com/advisories/SVD-2023-0805", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "prodsec@splunk.com", "description": [{"lang": "en", "value": "CWE-665"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-427"}]}], "descriptions": [{"lang": "en", "value": "In Splunk Enterprise versions earlier than 8.2.12, 9.0.6, and 9.1.1, a dynamic link library (DLL) that ships with Splunk Enterprise references an insecure path for the OPENSSLDIR build definition. An attacker can abuse this reference and subsequently install malicious code to achieve privilege escalation on the Windows machine."}], "lastModified": "2024-11-21T08:19:47.540", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "21F6F824-393F-424F-85DF-CD3FCB40452F", "versionEndExcluding": "8.2.12", "versionStartIncluding": "8.2.0"}, {"criteria": "cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "74A23E71-6A34-48A5-8087-B626BED870E0", "versionEndExcluding": "9.0.6", "versionStartIncluding": "9.0.0"}, {"criteria": "cpe:2.3:a:splunk:splunk:9.1.0:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "A4F2BC82-AD4C-4D80-8200-C2371E7C04F1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "prodsec@splunk.com"}