admin/wy876_POC
1
0
Fork 0
mirror of https://github.com/wy876/POC.git synced 2025-02-27 04:39:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
wy876_POC/Splunk Enterprise 远程代码执行漏洞 (CVE-2023-46214).md

14 lines
602 B
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

## Splunk Enterprise 远程代码执行漏洞 (CVE-2023-46214)
Splunk 是一款机器数据的引擎,可用于收集、索引和利用所有应用程序、服务器和设备生成的快速移动型计算机数据 。
在 Splunk Enterprise 9.0.7 和 9.1.2 以下版本中Splunk Enterprise 无法安全地对用户提供的可扩展样式表语言转换 (XSLT) 进行过滤,攻击者可以上传恶意 XSLT从而在 Splunk Enterprise 实例上远程执行代码。
## exp
- https://github.com/nathan31337/Splunk-RCE-poc
## 漏洞分析
- https://blog.hrncirik.net/cve-2023-46214-analysis
Reference in New Issue View Git Blame Copy Permalink