CVE-2023-41265

Confirmed PUBLISHED

An HTTP Request Tunneling vulnerability found in Qlik Sense Enterprise for Windows for versions May 2023 Patch 3 and earlier, February 2023 Patch 7...

Qlik · Qlik Sense Enterprise for Windows
Exploited in the wild Used in malware PoC available

Recommended Action

Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.

Confidence
Confirmed
Exploitation Status
Exploited in the wild
Observed in Sensors
No
Attempts (30d)
Unique Attacker IPs
CISA KEV
In CISA KEV
CVSS / EPSS
9.6 Critical EPSS 85.0%

At a Glance

An HTTP Request Tunneling vulnerability found in Qlik Sense Enterprise for Windows for versions May 2023 Patch 3 and earlier, February 2023 Patch 7 and earlier, November 2022 Patch 10 and earlier, and August 2022 Patch 12 and earlier allows a remote attacker to elevate their privilege by tunneling HTTP requests in the raw HTTP request. This allows them to send requests that get executed by the backend server hosting the repository application. This is fixed in August 2023 IR, May 2023 Patch 4, February 2023 Patch 8, November 2022 Patch 11, and August 2022 Patch 13.

malware cisa ransomware nuclei_scanner windows
CVE Published
Aug 29, 2023
Exploitation Reported
Dec 07, 2023
CVSS
9.6 Critical
EPSS
85.0%
Remote Low complexity No user interaction

Affected Versions

Vendor Product Version Status
qlik
qlik_sense

0 to <= may_2023

Affected
qlik
qlik_sense

0 to <= february_2023

Affected
qlik
qlik_sense

0 to <= august_2022

Affected
n/a
n/a

n/a

Affected

CVE References

Recommended Actions

  • Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.
  • Check enrichment artifacts for scanner coverage and available PoCs before rolling remediation validation.
  • Use the Pro API to automate enrichment, telemetry, and workflow delivery for VM, SOC, and CTI pipelines.