CVE-2023-32710Sensitive Information Exposure in Cloud Platform

CWE-200Sensitive Information Exposure3 documents3 sources
Severity
5.3MEDIUMNVD
CNA4.8
EPSS
0.3%
top 47.76%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Splunk Cloud PlatformSplunk EnterpriseSplunk
Timeline
PublishedJun 1
Latest updateJul 6

Description

In Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, and in Splunk Cloud Platform versions below 9.0.2303.100, a low-privileged user can perform an unauthorized transfer of data from a search using the ‘copyresults’ command if they know the search ID (SID) of a search job that has recently run.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.6 | Impact: 3.6

Affected Packages4 packages

CVEListV5splunk/splunk_cloud_platform-9.0.2303.100
NVDsplunk/splunk_cloud_platform< 9.0.2303.100
CVEListV5splunk/splunk_enterprise8.18.1.14+2
NVDsplunk/splunk8.1.08.1.14+2

🔴Vulnerability Details

2
GHSA
GHSA-wm27-q845-m8xc: In Splunk Enterprise versions below 92023-07-06
CVEList
Information Disclosure via the ‘copyresults’ SPL Command2023-06-01
CVE-2023-32710 — Sensitive Information Exposure | cvebase