CVE-2022-43567

In Splunk Enterprise versions below 8.2.9, 8.1.12, and 9.0.2, an authenticated user can run arbitrary operating system commands remotely through the use of specially crafted requests to the mobile alerts feature in the Splunk Secure Gateway app.

Published: Nov 5, 2022
Updated: Nov 8, 2023
CVE: CVE-2022-43567
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.8
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWEs:

CWE-502

OWASP TOP 10:

A8 - Insecure Deserialization

Affected Software
References

Software	From	Fixed in
splunk / splunk	9.0.0	9.0.2
splunk / splunk	8.2.0	8.2.9
splunk / splunk	8.1.0	8.1.12
splunk / splunk_cloud_platform	-	9.0.2205

https://research.splunk.com/application/baa41f09-df48-4375-8991-520beea161be/
https://www.splunk.com/en_us/product-security/announcements/svd-2022-1107.html

Vulnerability Database

289,697

CVE-2022-43567