CVSS 3.1 Score 4.8 of 10 (medium)


Published Nov 16, 2023
Updated: Apr 10, 2024


CVE-2023-46213 is a vulnerability in Splunk Enterprise versions below 9.0.7 and 9.1.2 that allows for the execution of unauthorized code in a user's web browser due to ineffective escaping in the "Show syntax Highlighted" feature. The affected products include tDwx34, r-aB4S, r-aB4T, tjDv0n, tjDv0m, vVpzyZ, qGYeCx, tDwx31, and tDwx33. The base severity of this vulnerability is rated as MEDIUM with a base score of 4.8 according to NIST. The potential danger it poses to an organization includes the possibility of unauthorized code execution and potential security breaches. To remediate this vulnerability, organizations should update their Splunk Enterprise software to versions 9.0.7 or 9.1.2 or newer versions that address this issue.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-46213 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options