CVE-2023-40598 Information

Description

In Splunk Enterprise versions below 8.2.12 9.0.6 and 9.1.1 an attacker can create an external lookup that calls a legacy internal function. The attacker can use this internal function to insert code into the Splunk platform installation directory. From there a user can execute arbitrary code on the Splunk platform Instance.

Reference

https://advisory.splunk.com/advisories/SVD-2023-0807