CVE-2023-40595 Information

Description

In Splunk Enterprise versions lower than 8.2.12 9.0.6 and 9.1.1 an attacker can execute a specially crafted query that they can then use to serialize untrusted data. The attacker can use the query to execute arbitrary code.

Reference

https://advisory.splunk.com/advisories/SVD-2023-0804