CVE-2023-40596

Summary

In Splunk Enterprise versions earlier than 8.2.12, 9.0.6, and 9.1.1, a dynamic link library (DLL) that ships with Splunk Enterprise references an insecure path for the OPENSSLDIR build definition. An attacker can abuse this reference and subsequently install malicious code to achieve privilege escalation on the Windows machine.

Affected Software

VendorProductVersion RangeStatus
SplunkSplunk Enterprise8.2 < 8.2.12affected
SplunkSplunk Enterprise9.0 < 9.0.6affected
SplunkSplunk Enterprise9.1 < 9.1.1affected

Weaknesses

  • CWE-665: The software does not initialize or incorrectly initializes a resource, which might leave the resource in an unexpected state when it is accessed or used.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

CVE Program Container

Additional References

References