First published: Thu Nov 16 2023
In Splunk Enterprise versions below 9.0.7 and 9.1.2, Splunk Enterprise does not safely sanitize extensible stylesheet language transformations (XSLT) that users supply. This means that an attacker can upload malicious XSLT which can result in remote code execution on the Splunk Enterprise instance.
CVE-2023-46214 is a vulnerability in Splunk Enterprise versions below 9.0.7 and 9.1.2 that allows remote code execution (RCE) through insecure XML parsing.
CVE-2023-46214 allows an attacker to upload malicious XSLT files, which can result in remote code execution on the Splunk Enterprise instance.
Splunk Enterprise versions below 9.0.7 and 9.1.2 are affected by CVE-2023-46214.
CVE-2023-46214 has a severity rating of high.
To fix CVE-2023-46214, update Splunk Enterprise to version 9.0.7 or 9.1.2.
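Added example (not from Splunk or the original page): a branch-aware check of an inventory against the affected ranges stated above. A single comparison against 9.1.2 would flag a patched 9.0.7 host, and a single comparison against 9.0.7 would miss 9.1.0 and 9.1.1. Treating releases older than 9.0 as affected follows the page's "below 9.0.7" wording and is an assumption; the host names and inventory are constructed.

```python
import re

# Fixed patch level per release branch, as stated in the advisory text:
# 9.0.7 on the 9.0 branch and 9.1.2 on the 9.1 branch.
FIXED_PATCH_BY_BRANCH = {(9, 0): 7, (9, 1): 2}


def parse_version(text):
    """Return (major, minor, patch) from strings such as '9.0.6' or '9.1'."""
    m = re.match(r"^\s*(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    major, minor, patch = m.groups()
    return int(major), int(minor), int(patch or 0)


def is_affected(version_text):
    """True if the version falls in a range the advisory lists as affected."""
    major, minor, patch = parse_version(version_text)
    branch = (major, minor)
    if branch in FIXED_PATCH_BY_BRANCH:
        # Compare numerically inside the branch, so 9.0.10 is not "below" 9.0.7.
        return patch < FIXED_PATCH_BY_BRANCH[branch]
    # Assumption: branches older than 9.0 count as "below 9.0.7";
    # branches newer than 9.1 are past both fixed releases.
    return branch < (9, 0)


def triage(inventory):
    """Map each host in {host: version} to 'affected', 'fixed' or 'unparsed'."""
    result = {}
    for host, version in inventory.items():
        try:
            result[host] = "affected" if is_affected(version) else "fixed"
        except ValueError:
            result[host] = "unparsed"  # needs a manual look
    return result


# Constructed sample inventory; hosts and versions are made up.
SAMPLE_INVENTORY = {
    "sh-01": "9.0.6",
    "sh-02": "9.0.7",
    "idx-01": "9.1.1",
    "idx-02": "9.1.2",
    "hf-01": "n/a",
}

if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host:8} {SAMPLE_INVENTORY[host]:8} {status}")
```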