Splunk RCE Vulnerability Let Attackers Upload Malicious File

A high-severity Remote Code Execution (RCE) flaw in Splunk Enterprise has been discovered, enabling an attacker to upload malicious files. Versions of Splunk Enterprise less than 9.0.7 and 9.1.2 do not properly sanitize user-supplied extended stylesheet language transformations (XSLT). This implies that a malicious XSLT can be uploaded by an attacker, which may cause remote code execution on […]

The post Splunk RCE Vulnerability Let Attackers Upload Malicious File appeared first on Cyber Security News.

attacker attackers code code execution cyber security enterprise file files flaw high language malicious rce remote code remote code execution severity splunk splunk enterprise upload vulnerability xslt