Vulnerability Description
In Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform versions below 9.0.2303.100, a low-privileged user can trigger an HTTP response splitting vulnerability with the ‘rest’ SPL command that lets them potentially access other REST endpoints in the system arbitrarily.
CVSS Score
7.2 (HIGH)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Splunk | Splunk | >= 8.1.0, < 8.1.14 |
| Splunk | Splunk Cloud Platform | < 9.0.2303.100 |
References
- https://advisory.splunk.com/advisories/SVD-2023-0603 (Vendor Advisory)
- https://research.splunk.com/application/e615a0e1-a1b2-4196-9865-8aa646e1708c/ (Vendor Advisory)
FAQ
What is CVE-2023-32708?
CVE-2023-32708 is a vulnerability with a CVSS score of 7.2 (HIGH). In Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform versions below 9.0.2303.100, a low-privileged user can trigger an HTTP response splitting vulnerability with th...
How severe is CVE-2023-32708?
CVE-2023-32708 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2023-32708?
Check the references section above for vendor advisories and patch information. Affected products include Splunk and Splunk Cloud Platform, both from the vendor Splunk.