CVE-2023-22941

MEDIUM

Splunk Enterprise <8.1.13, 8.2.10, 9.0.4 - DoS

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-22941. PoCs published by eduardosantos1989.

AI-analyzed exploit summary The repository contains only an empty README.md file with no exploit code, technical details, or meaningful content related to CVE-2023-22941.

Description

In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, an improperly-formatted ‘INGEST_EVAL’ parameter in a Field Transformation crashes the Splunk daemon (splunkd).

Exploits (1)

nomisec STUB

by eduardosantos1989 · poc

https://github.com/eduardosantos1989/CVE-2023-22941

View Code ZIP pw:eip

The repository contains only an empty README.md file with no exploit code, technical details, or meaningful content related to CVE-2023-22941.

Classification

Stub 100%

Attack Type

Other

Complexity

Trivial

Reliability

Theoretical

Target: unknown

No auth needed

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (2)

Core 2

Core References

Vendor Advisory

https://advisory.splunk.com/advisories/SVD-2023-0211

Vendor Advisory

https://research.splunk.com/application/08978eca-caff-44c1-84dc-53f17def4e14/

Scores

CVSS v3 6.5

EPSS 0.0103

EPSS Percentile 59.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-248

Status published

Products (2)

splunk/splunk 8.1.0 - 8.1.13

splunk/splunk_cloud_platform < 9.0.2209.3

Published Feb 14, 2023

Tracked Since Feb 18, 2026