CVE-2023-22931 Information

Description

In Splunk Enterprise versions below 8.1.13 and 8.2.10 the ‘createrss’ external search command overwrites existing Resource Description Format Site Summary (RSS) feeds without verifying permissions. This feature has been deprecated and disabled by default.

Reference

https://advisory.splunk.com/advisories/SVD-2023-0201 https://research.splunk.com/application/ee69374a-d27e-4136-adac-956a96ff60fd/