CVE Vulnerability

CVE-2022-26889

In Splunk Enterprise versions before 8.1.2, the uri path to load a relative resource within a web page is vulnerable to path traversal. It allows an attacker to potentially inject arbitrary content into the web page (e.g., HTML Injection, XSS) or bypass SPL safeguards for risky commands. The attack is browser-based. An attacker cannot exploit the attack at will and requires the attacker to initiate a request within the victim's browser (e.g., phishing).

5.1 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 4.9 / Impact : 6.4

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

Scope

8.8 /10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://www.splunk.com/en_us/product-security/announcements/svd-2022-0506.html Vendor Advisory
https://research.splunk.com/application/path_traversal_spl_injection/ Vendor Advisory
Configurations

Configuration 1

cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*
Information

Published : 2022-05-06 05:15

Updated : 2022-10-19 03:35

NVD link : CVE-2022-26889

Mitre link : CVE-2022-26889

Products Affected
No products.
CWE
CWE-22