XML External Entity (XXE) Injection in Splunk Enterprise Versions Below 8.1.12, 8.2.9, and 9.0.2 via Custom View

CVE-2022-43570 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

In Splunk Enterprise versions below 8.1.12, 8.2.9, and 9.0.2, an authenticated user can perform an extensible markup language (XML) external entity (XXE) injection via a custom View. The XXE injection causes Splunk Web to embed incorrect documents into an error.
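A version triage check for the fixed releases named above, as an added example that is not Splunk's own code or part of the original advisory. It assumes the three fixed versions map to the 8.1, 8.2 and 9.0 release lines, that releases older than the 8.1 line are affected, and that later lines are not; the host names and the `is_affected` and `triage` helpers are constructed for illustration.

```python
import re

# Fixed release per release line, taken from the advisory text above.
FIXED = {(8, 1): (8, 1, 12), (8, 2): (8, 2, 9), (9, 0): (9, 0, 2)}


def parse_version(text):
    """Turn '8.1.9' into (8, 1, 9); a missing patch level counts as 0."""
    m = re.fullmatch(r"\s*(\d+)\.(\d+)(?:\.(\d+))?(?:\.\d+)*\s*", text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return int(m[1]), int(m[2]), int(m[3] or 0)


def is_affected(version):
    """True if the version is below the fixed release for its line."""
    v = parse_version(version)
    fixed = FIXED.get(v[:2])
    if fixed is not None:
        # Tuple comparison is numeric, so 8.1.9 < 8.1.12 (a string
        # comparison would get this wrong).
        return v < fixed
    # Assumption: lines older than 8.1 are affected ("below 8.1.12"),
    # lines newer than 9.0 already carry the fix.
    return v < min(FIXED.values())


def triage(inventory):
    """Return the sorted host names that still need the upgrade."""
    return sorted(h for h, ver in inventory.items() if is_affected(ver))


if __name__ == "__main__":
    # Constructed inventory, for illustration only.
    hosts = {
        "sh-01": "8.1.9",
        "sh-02": "8.1.12",
        "idx-01": "8.2.8",
        "idx-02": "9.0.2",
        "hf-01": "9.0.1",
    }
    for host in triage(hosts):
        print(f"{host}: {hosts[host]} is below the fixed release")
```
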