CVE-2023-22941

In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, an improperly-formatted ‘INGEST_EVAL’ parameter in a [Field Transformation](https://docs.splunk.com/Documentation/Splunk/latest/Knowledge/Managefieldtransforms) crashes the Splunk daemon (splunkd).

Link	Resource
https://advisory.splunk.com/advisories/SVD-2023-0211	Vendor Advisory
https://research.splunk.com/application/08978eca-caff-44c1-84dc-53f17def4e14/	Vendor Advisory

Configuration 1

cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:* cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:* cpe:2.3:a:splunk:splunk_cloud_platform:*:*:*:*:*:*:*:* cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*

---

Published : 2023-02-14 06:15

Updated : 2023-02-23 04:03

---

NVD link : CVE-2023-22941

Mitre link : CVE-2023-22941

No products.

No CWE.