CVE-2023-4571

Summary

CVE-2023-4571 is a vulnerability affecting Splunk IT Service Intelligence (ITSI) versions below 4.13.3, 4.15.3, and 4.17.1. Malicious actors can inject ANSI escape codes into ITSI log files, which, if read by a vulnerable terminal application, can execute malicious code. This attack requires the attacker to manipulate the user to read the malicious log file using a terminal application that translates ANSI codes. The vulnerability does not directly impact ITSI, but its indirect consequences depend on the permissions of the terminal application and the location of the malicious log file reading.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.