Vulnerabilities > CVE-2022-43567 - Deserialization of Untrusted Data vulnerability in Splunk and Splunk Cloud Platform
Attack vector
NETWORK Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
In Splunk Enterprise versions below 8.2.9, 8.1.12, and 9.0.2, an authenticated user can run arbitrary operating system commands remotely through the use of specially crafted requests to the mobile alerts feature in the Splunk Secure Gateway app.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
References
- https://research.splunk.com/application/baa41f09-df48-4375-8991-520beea161be/
- https://research.splunk.com/application/baa41f09-df48-4375-8991-520beea161be/
- https://www.splunk.com/en_us/product-security/announcements/svd-2022-1107.html
- https://www.splunk.com/en_us/product-security/announcements/svd-2022-1107.html