{"vulnerability": "CVE-2023-46214", "sightings": [{"uuid": "580d0ffd-6c28-428c-8552-4b6ffed08c1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46214", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:57.000000Z"}, {"uuid": "bf69c23b-fb58-496b-a3ee-f6a2cc748554", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46214", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:46.000000Z"}, {"uuid": "42faffd1-d7e9-4a63-999e-5f0d61bff7de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46214", "type": "published-proof-of-concept", "source": "https://t.me/cKure/12033", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 PoC for Splunk Enterprise RCE flaw released (CVE-2023-46214).\n\nhttps://www.helpnetsecurity.com/2023/11/27/cve-2023-46214-poc/", "creation_timestamp": "2023-11-28T13:25:01.000000Z"}, {"uuid": "73ff4f71-db85-4461-8b40-fde5090f9668", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46214", "type": "published-proof-of-concept", "source": "https://t.me/ap_security/227", "content": "\u2604\ufe0fCVE-2023-46214: Splunk RCE\n\n\ud83d\udce3\u0421\u0441\u044b\u043b\u043a\u0430 \u043d\u0430 PoC:\nhttps://github.com/nathan31337/Splunk-RCE-poc\n\n#cve #poc #exploit", "creation_timestamp": "2023-11-19T14:57:34.000000Z"}, {"uuid": "6fa5a974-fba9-4fae-adb9-894d1b79fee2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46214", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:01.000000Z"}, {"uuid": "90649be4-9468-4a9d-8ec1-46f5d2e2b974", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46214", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/http/splunk_xslt_authenticated_rce.rb", "content": "", "creation_timestamp": "2023-12-11T22:40:20.000000Z"}, {"uuid": "8be0e45e-b4b1-4923-901a-fd65501da93d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46214", "type": "published-proof-of-concept", "source": "https://t.me/itsec_news/3727", "content": "\u200b\u26a1\ufe0f\u0418\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 \u0434\u043b\u044f \u0432\u0437\u043b\u043e\u043c\u0430 Splunk Enterprise \u0443\u0433\u0440\u043e\u0436\u0430\u0435\u0442 \u0441\u043e\u0442\u043d\u044f\u043c \u0432\u0441\u0435\u043c\u0438\u0440\u043d\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0445 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439\n\n\ud83d\udcac \u041d\u0435\u0437\u0430\u0432\u0438\u0441\u0438\u043c\u044b\u0439 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0432 \u0441\u0444\u0435\u0440\u0435 \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b Proof-of-Concept (PoC) \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0434\u043b\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2023-46214 \u0432 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u043c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u043d\u0433\u0430 \u0438 \u0430\u043d\u0430\u043b\u0438\u0437\u0430 \u0434\u0430\u043d\u043d\u044b\u0445 Splunk, \u0442\u043e\u0447\u043d\u0435\u0435 \u0432 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u043c \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u2014 Enterprise. \u042d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445, \u0432 \u0441\u0432\u044f\u0437\u0438 \u0441 \u0447\u0435\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u0440\u0438\u0441\u0432\u043e\u0435\u043d \u0432\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (8.8 \u0431\u0430\u043b\u043b\u043e\u0432 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS).\nSplunk Enterprise \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0440\u0435\u0448\u0435\u043d\u0438\u0435 \u0434\u043b\u044f \u0441\u0431\u043e\u0440\u0430 \u0438 \u0430\u043d\u0430\u043b\u0438\u0437\u0430 \u0440\u0430\u0437\u043d\u043e\u043e\u0431\u0440\u0430\u0437\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445, \u0433\u0435\u043d\u0435\u0440\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u043e\u0439 \u0438 \u0431\u0438\u0437\u043d\u0435\u0441-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u043c\u0438 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438. \u042d\u0442\u0438 \u0434\u0430\u043d\u043d\u044b\u0435 \u0437\u0430\u0442\u0435\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043f\u043e\u043b\u0435\u0437\u043d\u044b\u0445 \u0430\u043d\u0430\u043b\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0432\u044b\u0432\u043e\u0434\u043e\u0432, \u043f\u043e\u043c\u043e\u0433\u0430\u044e\u0449\u0438\u0445 \u0443\u043b\u0443\u0447\u0448\u0438\u0442\u044c \u0440\u0430\u0431\u043e\u0442\u0443 \u0441\u0438\u0441\u0442\u0435\u043c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0438\u044f \u0442\u0440\u0435\u0431\u043e\u0432\u0430\u043d\u0438\u044f\u043c, \u0434\u043e\u0441\u0442\u0430\u0432\u043a\u0438 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439, IT-\u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0439 \u0438 \u0434\u0440\u0443\u0433\u0438\u0445 \u0430\u0441\u043f\u0435\u043a\u0442\u043e\u0432 \u0431\u0438\u0437\u043d\u0435\u0441\u0430.\n\n\u0421\u0440\u0435\u0434\u0438 \u0441\u043e\u0442\u0435\u043d \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 Splunk \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u043e \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439 \u0441 \u043c\u0438\u0440\u043e\u0432\u044b\u043c \u0438\u043c\u0435\u043d\u0435\u043c, \u0432\u043a\u043b\u044e\u0447\u0430\u044f Intel, Lenovo, Zoom, Bosch, Coca-Cola, Papa Johns, Honda, Puma \u0438 \u043f\u0440\u043e\u0447\u0438\u0445.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2023-46214 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0439 \u0444\u0438\u043b\u044c\u0442\u0440\u0430\u0446\u0438\u0435\u0439 \u0440\u0430\u0441\u0448\u0438\u0440\u044f\u0435\u043c\u043e\u0433\u043e \u044f\u0437\u044b\u043a\u0430 \u0442\u0430\u0431\u043b\u0438\u0446 \u0441\u0442\u0438\u043b\u0435\u0439 (XSLT), \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Splunk \u043c\u043e\u0433\u0443\u0442 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0442\u044c. \u042d\u0442\u043e \u0434\u0430\u0451\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u0435\u0440\u0435\u0434\u0430\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 XSLT-\u043a\u043e\u0434, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u0440\u0438\u0432\u0435\u0434\u0451\u0442 \u043a \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u043c\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435 Splunk Enterprise.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043e\u0442 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u0432 Splunk, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u0435\u0440\u0441\u0438\u0438 \u0441 9.0.0 \u0434\u043e 9.0.6 \u0438 \u0441 9.1.0 \u0434\u043e 9.1.1. \u0422\u0430\u043a\u0436\u0435 \u043f\u043e\u0434 \u0443\u0434\u0430\u0440\u043e\u043c \u043e\u043a\u0430\u0437\u0430\u043b\u0438\u0441\u044c \u0432\u0435\u0440\u0441\u0438\u0438 Splunk Enterprise 8.x \u0438 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0439 \u0441\u0435\u0440\u0432\u0438\u0441 Splunk Cloud \u043d\u0438\u0436\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 9.1.2308.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u0432\u0448\u0438\u0439 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442, \u0440\u0430\u0441\u0441\u043c\u043e\u0442\u0440\u0435\u043b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u043e \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e \u0432 \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u043e\u043c \u043e\u0442\u0447\u0451\u0442\u0435 . \u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c, \u0434\u043b\u044f \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u0430\u0442\u0430\u043a\u0438 \u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u0430\u044f \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044f \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 (\u0437\u043d\u0430\u043d\u0438\u0435 \u0432\u0430\u043b\u0438\u0434\u043d\u044b\u0445 \u0443\u0447\u0451\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439), \u0430 \u0442\u0430\u043a\u0436\u0435 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0435 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u043d\u0430 \u0446\u0435\u043b\u0435\u0432\u043e\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u0435.\n\n\u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 Splunk \u0443\u0436\u0435 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f 9.0.7 \u0438 9.1.2, \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0449\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2023-46214. \u0415\u0441\u043b\u0438 \u043d\u0435\u043c\u0435\u0434\u043b\u0435\u043d\u043d\u043e\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043d\u0435\u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e, \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0439 \u043c\u0435\u0440\u044b \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 XML-\u0441\u0442\u0438\u043b\u0435\u0439 \u0434\u043b\u044f \u043f\u043e\u0438\u0441\u043a\u043e\u0432\u044b\u0445 \u0437\u0430\u0434\u0430\u043d\u0438\u0439. \u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u043a\u043e\u043c\u0430\u043d\u0434\u0430 Splunk \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u043b\u0430 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0433\u043e\u0434\u0438\u0442\u044c\u0441\u044f \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u0430\u043c \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2023-11-28T14:44:13.000000Z"}, {"uuid": "5c52d05d-6e75-4f17-a268-9544b33a3a91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46214", "type": "published-proof-of-concept", "source": "Telegram/lT-n1_TKqF_YTRQEncgwEpOQn7OQdGnpgi-vuoi3aKn45A", "content": "", "creation_timestamp": "2023-11-19T16:15:51.000000Z"}, {"uuid": "6039995e-d711-457e-acdb-56ad4407f641", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46214", "type": "published-proof-of-concept", "source": "https://t.me/ap_security/275", "content": "\u2604\ufe0fCVE-2023-46214: Splunk RCE\n\n\ud83d\udce3\u0421\u0441\u044b\u043b\u043a\u0430 \u043d\u0430 PoC:\nhttps://github.com/nathan31337/Splunk-RCE-poc\n\n#cve #poc #exploit", "creation_timestamp": "2023-11-19T14:57:34.000000Z"}, {"uuid": "9135f811-df2b-459a-a752-ccf9c886c9fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46214", "type": "published-proof-of-concept", "source": "https://t.me/ctinow/151691", "content": "https://ift.tt/E20jsu7\nPoC for Splunk Enterprise RCE flaw released (CVE-2023-46214)", "creation_timestamp": "2023-11-27T12:17:36.000000Z"}, {"uuid": "8eb88660-5b21-4d82-a4bf-61e35c189b24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46214", "type": "published-proof-of-concept", "source": "https://t.me/ctinow/152824", "content": "https://ift.tt/PgtHU5r\nPoC for Splunk Enterprise RCE flaw released (CVE-2023-46214)", "creation_timestamp": "2023-12-01T10:23:08.000000Z"}, {"uuid": "16b89aef-54ba-4ca6-ba52-227d0fe223cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46214", "type": "seen", "source": "https://t.me/arpsyndicate/1808", "content": "#ExploitObserverAlert\n\nCVE-2023-46214\n\nDESCRIPTION: Exploit Observer has 9 entries related to CVE-2023-46214. In Splunk Enterprise versions below 9.0.7 and 9.1.2, Splunk Enterprise does not safely sanitize extensible stylesheet language transformations (XSLT) that users supply. This means that an attacker can upload malicious XSLT which can result in remote code execution on the Splunk Enterprise instance.\n\nFIRST-EPSS: 0.002390000\nNVD-IS: 5.9\nNVD-ES: 2.8", "creation_timestamp": "2023-12-12T12:14:23.000000Z"}, {"uuid": "38e5312a-4755-4c95-818f-7835148999c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46214", "type": "seen", "source": "https://t.me/arpsyndicate/788", "content": "#ExploitObserverAlert\n\nCVE-2023-46214\n\nDESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-46214. In Splunk Enterprise versions below 9.0.7 and 9.1.2, Splunk Enterprise does not safely sanitize extensible stylesheet language transformations (XSLT) that users supply. This means that an attacker can upload malicious XSLT which can result in remote code execution on the Splunk Enterprise instance.\n\nFIRST-EPSS: 0.002390000\nNVD-IS: 5.9\nNVD-ES: 2.8", "creation_timestamp": "2023-11-30T07:07:15.000000Z"}, {"uuid": "a57b148f-9083-4831-a5ff-3231fa657282", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46214", "type": "seen", "source": "https://t.me/arpsyndicate/2010", "content": "#ExploitObserverAlert\n\nCVE-2023-46214\n\nDESCRIPTION: Exploit Observer has 9 entries related to CVE-2023-46214. In Splunk Enterprise versions below 9.0.7 and 9.1.2, Splunk Enterprise does not safely sanitize extensible stylesheet language transformations (XSLT) that users supply. This means that an attacker can upload malicious XSLT which can result in remote code execution on the Splunk Enterprise instance.\n\nFIRST-EPSS: 0.144520000\nNVD-IS: 5.9\nNVD-ES: 2.8", "creation_timestamp": "2023-12-18T15:16:02.000000Z"}, {"uuid": "56c49784-82ad-473f-85f1-548bfe29a957", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46214", "type": "published-proof-of-concept", "source": "https://t.me/leak_db2/1263", "content": "Proof of concept exploit for CVE-2023-46214\n\nhttps://github.com/nathan31337/Splunk-RCE-poc", "creation_timestamp": "2023-11-21T14:14:29.000000Z"}, {"uuid": "e59e3014-9b9a-4e8b-bf33-da742ed7f77d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46214", "type": "seen", "source": "https://t.me/arpsyndicate/715", "content": "#ExploitObserverAlert\n\nCVE-2023-46214\n\nDESCRIPTION: Exploit Observer has 8 entries related to CVE-2023-46214. In Splunk Enterprise versions below 9.0.7 and 9.1.2, Splunk Enterprise does not safely sanitize extensible stylesheet language transformations (XSLT) that users supply. This means that an attacker can upload malicious XSLT which can result in remote code execution on the Splunk Enterprise instance.\n\nFIRST-EPSS: 0.002390000\nNVD-IS: 5.9\nNVD-ES: 2.8", "creation_timestamp": "2023-11-29T10:16:37.000000Z"}, {"uuid": "82732117-53be-4065-bd1d-25e10d86b83d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46214", "type": "seen", "source": "https://t.me/arpsyndicate/596", "content": "#ExploitObserverAlert\n\nCVE-2023-46214\n\nDESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-46214. In Splunk Enterprise versions below 9.0.7 and 9.1.2, Splunk Enterprise does not safely sanitize extensible stylesheet language transformations (XSLT) that users supply. This means that an attacker can upload malicious XSLT which can result in remote code execution on the Splunk Enterprise instance.\n\nFIRST-EPSS: 0.002390000\nNVD-IS: 5.9\nNVD-ES: 2.8", "creation_timestamp": "2023-11-27T21:58:44.000000Z"}, {"uuid": "914be0b8-4fe4-4881-9d1c-06b0dc12286c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46214", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1832", "content": "CVE-2023-46214 - Splunk RCE\n*\nProof of concept exploit\n\n#splunk", "creation_timestamp": "2023-11-19T07:37:50.000000Z"}, {"uuid": "c37bbd08-099d-4890-a87b-94ba4033d5f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46214", "type": "published-proof-of-concept", "source": "https://t.me/RalfHackerChannel/1418", "content": "CVE-2023-46214: Splunk RCE\n\nhttps://github.com/nathan31337/Splunk-RCE-poc\n\n#git #exploit #pentest #redteam", "creation_timestamp": "2023-11-19T12:58:41.000000Z"}, {"uuid": "e9c5d14b-071d-41f6-819c-81c118156e95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46214", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9429", "content": "#exploit\n1. CVE-2023-46214:\nSplunk RCE\nhttps://github.com/nathan31337/Splunk-RCE-poc\n\n2. Canon imageCLASS MF742Cdw/MF743Cdw Exploit\nhttps://github.com/blasty/canon\n\n3. Growtopia Duplicator Exploit\nhttps://github.com/L3GOGT/Growtopia-Duplicator-Exploit", "creation_timestamp": "2023-11-20T10:57:23.000000Z"}, {"uuid": "382b1ff6-8a73-4ce6-a119-ccae7d4c0403", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46214", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/8056", "content": "Analysis of CVE-2023-46214 + PoC\nhttps://blog.hrncirik.net/cve-2023-46214-analysis", "creation_timestamp": "2023-11-27T10:31:45.000000Z"}, {"uuid": "e987031f-b310-44be-9e25-336ff76f1a2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46214", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/2041", "content": "#exploit\n1. CVE-2023-46214:\nSplunk RCE\nhttps://github.com/nathan31337/Splunk-RCE-poc\n\n2. Canon imageCLASS MF742Cdw/MF743Cdw Exploit\nhttps://github.com/blasty/canon\n\n3. Growtopia Duplicator Exploit\nhttps://github.com/L3GOGT/Growtopia-Duplicator-Exploit", "creation_timestamp": "2024-08-16T08:51:13.000000Z"}, {"uuid": "ef8e46f5-0850-4b34-bc2f-51199169d8cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46214", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/1758", "content": "#exploit\n1. CVE-2023-46214:\nSplunk RCE\nhttps://github.com/nathan31337/Splunk-RCE-poc\n\n2. Canon imageCLASS MF742Cdw/MF743Cdw Exploit\nhttps://github.com/blasty/canon\n\n3. Growtopia Duplicator Exploit\nhttps://github.com/L3GOGT/Growtopia-Duplicator-Exploit", "creation_timestamp": "2024-08-16T08:46:03.000000Z"}, {"uuid": "912a4687-92a9-47fb-a637-02e3ca575948", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46214", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/1726", "content": "CVE-2023-46214 - Splunk RCE\n*\nProof of concept exploit\n\n#splunk", "creation_timestamp": "2024-08-16T08:45:55.000000Z"}]}