CVE-2023-22931

MEDIUM

Splunk Enterprise < 8.1.13 and 8.2.10 - Improper Authorization in RSS Feed Creation

Title source: llm
STIX 2.1

Description

In Splunk Enterprise versions below 8.1.13 and 8.2.10, the ‘createrss’ external search command overwrites existing Resource Description Format Site Summary (RSS) feeds without verifying permissions. This feature has been deprecated and disabled by default.

Scores

CVSS v3 4.3
EPSS 0.0036
EPSS Percentile 28.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Details

CWE
CWE-276 CWE-285
Status published
Products (2)
splunk/splunk 8.1.0 - 8.1.13
splunk/splunk_cloud_platform < 8.2.2203
Published Feb 14, 2023
Tracked Since Feb 18, 2026