{"api_version":"1","generated_at":"2026-04-21T17:19:01+00:00","cve":"CVE-2023-40596","urls":{"html":"https://cve.report/CVE-2023-40596","api":"https://cve.report/api/cve/CVE-2023-40596.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2023-40596","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2023-40596"},"summary":{"title":"CVE-2023-40596","description":"In Splunk Enterprise versions earlier than 8.2.12, 9.0.6, and 9.1.1, a dynamic link library (DLL) that ships with Splunk Enterprise references an insecure path for the OPENSSLDIR build definition. An attacker can abuse this reference and subsequently install malicious code to achieve privilege escalation on the Windows machine.","state":"PUBLIC","assigner":"prodsec@splunk.com","published_at":"2023-08-30 17:15:00","updated_at":"2023-11-07 04:20:00"},"problem_types":["CWE-427"],"metrics":[],"references":[{"url":"https://advisory.splunk.com/advisories/SVD-2023-0805","name":"https://advisory.splunk.com/advisories/SVD-2023-0805","refsource":"MISC","tags":[],"title":"SVD-2023-0805 | Splunk Vulnerability Disclosure","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2023-40596","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-40596","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2023","cve_id":"40596","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"microsoft","cpe5":"windows","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"40596","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"splunk","cpe5":"splunk","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"enterprise","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"40596","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"splunk","cpe5":"splunk","cpe6":"9.1.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"enterprise","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"data_version":"4.0","data_type":"CVE","data_format":"MITRE","CVE_data_meta":{"ID":"CVE-2023-40596","ASSIGNER":"prodsec@splunk.com","STATE":"PUBLIC"},"description":{"description_data":[{"lang":"eng","value":"In Splunk Enterprise versions earlier than 8.2.12, 9.0.6, and 9.1.1, a dynamic link library (DLL) that ships with Splunk Enterprise references an insecure path for the OPENSSLDIR build definition. An attacker can abuse this reference and subsequently install malicious code to achieve privilege escalation on the Windows machine."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"The software does not initialize or incorrectly initializes a resource, which might leave the resource in an unexpected state when it is accessed or used.","cweId":"CWE-665"}]}]},"affects":{"vendor":{"vendor_data":[{"vendor_name":"Splunk","product":{"product_data":[{"product_name":"Splunk Enterprise","version":{"version_data":[{"version_affected":"<","version_name":"8.2","version_value":"8.2.12"},{"version_affected":"<","version_name":"9.0","version_value":"9.0.6"},{"version_affected":"<","version_name":"9.1","version_value":"9.1.1"}]}}]}}]}},"references":{"reference_data":[{"url":"https://advisory.splunk.com/advisories/SVD-2023-0805","refsource":"MISC","name":"https://advisory.splunk.com/advisories/SVD-2023-0805"}]},"source":{"advisory":"SVD-2023-0805"},"credits":[{"lang":"en","value":"Will Dormann, Vul Labs"}],"impact":{"cvss":[{"vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","version":"3.1","baseScore":7,"baseSeverity":"HIGH"}]}},"nvd":{"publishedDate":"2023-08-30 17:15:00","lastModifiedDate":"2023-11-07 04:20:00","problem_types":["CWE-427"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH"},"exploitabilityScore":2,"impactScore":6}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"8.2.0","versionEndExcluding":"8.2.12","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"9.0.0","versionEndExcluding":"9.0.6","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:splunk:splunk:9.1.0:*:*:*:enterprise:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]}]}},"legacy_mitre":{"record":null,"notes":[]}}}