In Splunk Enterprise versions lower than 8.2.12, 9.0.6, and 9.1.1, an attacker can exploit an absolute path traversal to execute arbitrary code that is located on a separate disk.
2023-08-30T17:15:10.180
2024-11-21T08:19:47.677
Modified
CVSSv3.1: 7.8 (HIGH)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | splunk | splunk | < 8.2.12 | Yes |
| Application | splunk | splunk | < 9.0.6 | Yes |
| Application | splunk | splunk | 9.1.0 | Yes |
| Application | splunk | splunk_cloud_platform | ≤ 9.0.2305.100 | Yes |