Splunk Enterprise < 9.0.4 XSS (SVD-2023-0202)

Version 1.3

Feb 24, 2023, 2:05 PM

CVSS metrics ("CVSSv2 score" changed from "8.5" to "6.4". "CVSSv2 score" changed from "8.5" to "6.4". "CVSSv2 score" changed from "8.5" to "6.4". "CVSSv3 vector" changed from "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" to "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N". "CVSSv3 score" changed from "8.7" to "6.1". "CVSSv2 vector" changed from "CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:N" to "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N". "CVSSv3 vector" changed from "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" to "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N". "CVSSv3 score" changed from "8.7" to "6.1". "CVSSv2 vector" changed from "CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:N" to "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N". "CVSSv3 vector" changed from "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" to "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N". "CVSSv3 score" changed from "8.7" to "6.1". "CVSSv2 vector" changed from "CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:N" to "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N". "CVSSv3 vector" changed from "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" to "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N")
CVSSv2 severity (based on CVE-2023-22932, severity decreased from "High" to "Medium")
CVSSv3 score source (set to "CVE-2023-22932")
CVSSv3 severity (based on CVE-2023-22932, severity decreased from "High" to "Medium")
Exploit attributes ("Exploit available" set to "False")