all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Splunk Patches ANSI Bug in ITSI

Add to bookmarks
Sept. 1, 2023, 1:05 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

Splunk has fixed a serious–and seriously odd–bug that could allow an attacker to inject specific codes into Splunk IT Service Intelligence log files and potentially gain remote code execution.


Interestingly, the vulnerability (CVE-2023-0810) does not allow the attacker to take actions on the Splunk ITSI application itself, but rather on any vulnerable terminal application running on the victim’s machine. The bug affects versions 4.13.0 through 4.13.2 and 4.15.0 through 4.15.2 and it enables an attacker to inject ANSI escape codes …

actions ansi application bug code code execution cve files inject intelligence log log files patches remote code remote code execution serious service splunk terminal vulnerability vulnerable

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

Tech firms pledge to release products with built-in security features 4 hours ago | malware.news
agency companies cybersecurity design +11
Why Protecting Public Sector Personnel’s Devices is Essential 6 hours ago | malware.news
attackers attacks can case +29
RSAC 2024: Securing ‘fragmented’ identities in the cloud age 6 hours ago | malware.news
access age article assessments +15
Ransomware Attacks are Up, but Profits are Down: Chainalysis 9 hours ago | malware.news
attacks chainalysis control cyber +20
Apple security advisory (AV24-247) 9 hours ago | malware.news
advisory apple apple security article +8
‘TunnelVision’ DHCP flaw lets attackers bypass VPNs, redirect traffic 9 hours ago | malware.news
article attackers bypass dhcp +11
RSAC 2024: Attendees focus on AI, mobile, and threat telemetry 9 hours ago | malware.news
article can change down +16
Citrix security advisory (AV24-246) 9 hours ago | malware.news
advisory article canadian canadian centre for cyber security +7
How CISA is Preparing For the Influx of CIRCIA Reports 10 hours ago | malware.news
act backend circia cisa +21

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Sr. Staff Security Engineer

@ Databricks | San Francisco, California
View on infosec-jobs.com

Security Engineer

@ Nomi Health | Austin, Texas
View on infosec-jobs.com

Senior Principal Consultant, Security Architecture

@ 6point6 | Manchester, United Kingdom
View on infosec-jobs.com

Cyber Policy Advisor

@ IntelliBridge | McLean, VA, McLean, VA, US
View on infosec-jobs.com

TW Full Stack Software Engineer (Access Control & Intrusion Systems)

@ Bosch Group | Taipei, Taiwan
View on infosec-jobs.com

Cyber Software Engineer

@ Peraton | Annapolis Junction, MD, United States
View on infosec-jobs.com
View more jobs