all InfoSec news
Splunk Patches ANSI Bug in ITSI
Malware Analysis, News and Indicators - Latest topics malware.news
Splunk has fixed a serious–and seriously odd–bug that could allow an attacker to inject specific codes into Splunk IT Service Intelligence log files and potentially gain remote code execution.
Interestingly, the vulnerability (CVE-2023-0810) does not allow the attacker to take actions on the Splunk ITSI application itself, but rather on any vulnerable terminal application running on the victim’s machine. The bug affects versions 4.13.0 through 4.13.2 and 4.15.0 through 4.15.2 and it enables an attacker to inject ANSI escape codes …
actions ansi application bug code code execution cve files inject intelligence log log files patches remote code remote code execution serious service splunk terminal vulnerability vulnerable