Create Splunk_Enterprise_XSLT_Command_Execute_Vulnerability.md

Splunk_Enterprise_XSLT_Command_Execute_Vulnerability.md

@@ -0,0 +1,12 @@
+## Splunk Enterprise XSLT Command Execute Vulnerability (CVE-2023-46214)
+
+|   **Vulnerability**  | Splunk Enterprise XSLT Command Execute Vulnerability (CVE-2023-46214)  |
+| :----:   | :-----|
+|  **Chinese name**  | Splunk Enterprise XSLT 命令执行漏洞（CVE-2023-46214）	 |
+| **CVSS core**  | 	8.0 |
+| **FOFA Query**  (click to view the results directly)| [app="splunk-Enterprise"](https://en.fofa.info/result?qbase64=Ym9keT0iX19zcGx1bmtkX3BhcnRpYWxzX18iICB8fCAoaGVhZGVyPSJTZXQtQ29va2llOiBzcGx1bmt3ZWJfdWlkPSIgJiYgYm9keT0iZW50ZXJwcmlzZSIp)|
+| **Number of assets affected**  | 134567 |
+| **Description**  | Splunk Enterprise is a data collection and analysis software developed by Splunk Corporation in the United States. This software is mainly used for collecting, indexing, and analyzing the data it generates, including data generated by all IT systems and infrastructure (physical, virtual machines, and cloud).Splunk Enterprise has a command execution vulnerability that does not securely clean up user provided Extensible Stylesheet Language Transformations (XSLTs). Attackers can exploit this vulnerability to upload malicious XSLTs and remotely execute commands on Splunk Enterprise instances. |
+| **Impact** | 	Splunk Enterprise has a command execution vulnerability that does not securely clean up user provided Extensible Stylesheet Language Transformations (XSLTs). Attackers can exploit this vulnerability to upload malicious XSLTs and remotely execute commands on Splunk Enterprise instances. |
+
+![](https://s3.bmp.ovh/imgs/2023/11/27/4f67b965b611da68.gif)