Emerging Threats
CVE2023
CVE-2023-46214
2Rules
3References
1Folders
2023-11-27Latest
Summary
CVE-2023-46214 is tracked here through 2 Sigma detections for exploitation attempts and related post-exploitation behavior observed in 2023. Coverage centers on webserver.
Related Detections
Search this threatEmerging Threathightest
Exploitation Attempt Of CVE-2023-46214 Using Public POC Code
Detects exploitation attempt of CVE-2023-46214, a remote code execution (RCE) in Splunk Enterprise through insecure XML parsing using known public proof of concept code
Web Server Log
TA0008 · Lateral MovementT1210 · Exploitation of Remote Servicescve.2023-46214detection.emerging-threats
Lars B. P. Frydenskov(Trifork Security)Mon Nov 272023
Emerging Threatmediumtest
Potential CVE-2023-46214 Exploitation Attempt
Detects potential exploitation of CVE-2023-46214, a remote code execution (RCE) in Splunk Enterprise through insecure XML parsing
Web Server Log
TA0008 · Lateral MovementT1210 · Exploitation of Remote Servicescve.2023-46214detection.emerging-threats
Nasreddine Bencherchali (Nextron Systems)+1Mon Nov 272023
References