CVE-2023-32708
Severity: HIGH
WAF: High
CVSS 8.8
Published: 2023-06-01
CWE-113
In Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform versions below 9.0.2303.100, a low-privileged user can use the ‘rest’ SPL command to trigger an HTTP response splitting vulnerability, potentially giving them arbitrary access to other REST endpoints in the system.
WAF Coverage Analysis
HTTP Response Splitting
High WAF Coverage
OWASP: A03:2021 Injection
921xxx - Protocol Attack
Affected Software
| Vendor | Product | Version |
|---|---|---|
| splunk | splunk | 8.1.0 - 8.1.14 |
| splunk | splunk | 8.2.0 - 8.2.11 |
| splunk | splunk | 9.0.0 - 9.0.5 |
| splunk | splunk_cloud_platform | up to 9.0.2303.100 |
References
- advisory.splunk.com (Vendor Advisory)
- research.splunk.com (Vendor Advisory)