CVE-2023-32713 — HIGH (7.8)

Q: How severe is CVE-2023-32713?

CVE-2023-32713 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2023-32713?

Check the references section above for vendor advisories and patch information. Affected products include: Splunk Splunk App For Stream.

Vulnerability Description

In Splunk App for Stream versions below 8.1.1, a low-privileged user could use a vulnerability in the streamfwd process within the Splunk App for Stream to escalate their privileges on the machine that runs the Splunk Enterprise instance, up to and including the root user.

CVSS Score

7.8

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Splunk	Splunk App For Stream	< 8.1.1

Related Weaknesses (CWE)

CWE-269

References

https://advisory.splunk.com/advisories/SVD-2023-0607Vendor Advisory
https://advisory.splunk.com/advisories/SVD-2023-0607Vendor Advisory

FAQ

What is CVE-2023-32713?

CVE-2023-32713 is a vulnerability with a CVSS score of 7.8 (HIGH). In Splunk App for Stream versions below 8.1.1, a low-privileged user could use a vulnerability in the streamfwd process within the Splunk App for Stream to escalate their privileges on the machine tha...

How severe is CVE-2023-32713?

CVE-2023-32713 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-32713?

Check the references section above for vendor advisories and patch information. Affected products include: Splunk Splunk App For Stream.