CVE-2023-32716

Status: Modified
Last modified: 10-04-2024
Published: 01-06-2023
6.5

SUMMARY CVE-2023-32716

In Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform versions below 9.0.2303.100, an attacker can exploit a vulnerability in the {{dump}} SPL command to cause a denial of service by crashing the Splunk daemon.

Access CVSS3 CVE-2023-32716

Attack Complexity Attack Vector Privileges Required Scope User Interaction
LOW NETWORK LOW UNCHANGED NONE

Impact CVSS3 CVE-2023-32716

Confidentiality Integrity Availability
NONE NONE HIGH

Details CVE-2023-32716

EPSS 0.00076
EPSS % 0.33003
References
CWE CWE-754
Vulnerable Configurations
  • cpe:2.3:a:splunk:splunk:8.1.0:*:*:*:enterprise:*:*:*
    cpe:2.3:a:splunk:splunk:8.1.0:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:splunk:splunk:8.1.1:*:*:*:enterprise:*:*:*
    cpe:2.3:a:splunk:splunk:8.1.1:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:splunk:splunk:8.1.2:*:*:*:enterprise:*:*:*
    cpe:2.3:a:splunk:splunk:8.1.2:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:splunk:splunk:8.1.4:*:*:*:enterprise:*:*:*
    cpe:2.3:a:splunk:splunk:8.1.4:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:splunk:splunk:8.1.5:*:*:*:enterprise:*:*:*
    cpe:2.3:a:splunk:splunk:8.1.5:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:splunk:splunk:8.1.6:*:*:*:enterprise:*:*:*
    cpe:2.3:a:splunk:splunk:8.1.6:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:splunk:splunk:8.1.7:*:*:*:enterprise:*:*:*
    cpe:2.3:a:splunk:splunk:8.1.7:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:splunk:splunk:8.1.12:*:*:*:enterprise:*:*:*
    cpe:2.3:a:splunk:splunk:8.1.12:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:splunk:splunk:8.1.13:*:*:*:enterprise:*:*:*
    cpe:2.3:a:splunk:splunk:8.1.13:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:splunk:splunk:8.2.0:*:*:*:enterprise:*:*:*
    cpe:2.3:a:splunk:splunk:8.2.0:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:splunk:splunk:8.2.9:*:*:*:enterprise:*:*:*
    cpe:2.3:a:splunk:splunk:8.2.9:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:splunk:splunk:8.2.10:*:*:*:enterprise:*:*:*
    cpe:2.3:a:splunk:splunk:8.2.10:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:splunk:splunk:9.0.0:*:*:*:enterprise:*:*:*
    cpe:2.3:a:splunk:splunk:9.0.0:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:splunk:splunk:9.0.3:*:*:*:enterprise:*:*:*
    cpe:2.3:a:splunk:splunk:9.0.3:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:splunk:splunk:9.0.4:*:*:*:enterprise:*:*:*
    cpe:2.3:a:splunk:splunk:9.0.4:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:splunk:splunk_cloud_platform:-:*:*:*:*:*:*:*
    cpe:2.3:a:splunk:splunk_cloud_platform:-:*:*:*:*:*:*:*
  • cpe:2.3:a:splunk:splunk_cloud_platform:8.1.2103:*:*:*:*:*:*:*
    cpe:2.3:a:splunk:splunk_cloud_platform:8.1.2103:*:*:*:*:*:*:*
  • cpe:2.3:a:splunk:splunk_cloud_platform:8.2.2105:*:*:*:*:*:*:*
    cpe:2.3:a:splunk:splunk_cloud_platform:8.2.2105:*:*:*:*:*:*:*
  • cpe:2.3:a:splunk:splunk_cloud_platform:8.2.2106:*:*:*:*:*:*:*
    cpe:2.3:a:splunk:splunk_cloud_platform:8.2.2106:*:*:*:*:*:*:*
  • cpe:2.3:a:splunk:splunk_cloud_platform:8.2.2107:*:*:*:*:*:*:*
    cpe:2.3:a:splunk:splunk_cloud_platform:8.2.2107:*:*:*:*:*:*:*
  • cpe:2.3:a:splunk:splunk_cloud_platform:8.2.2109:*:*:*:*:*:*:*
    cpe:2.3:a:splunk:splunk_cloud_platform:8.2.2109:*:*:*:*:*:*:*
  • cpe:2.3:a:splunk:splunk_cloud_platform:8.2.2111:*:*:*:*:*:*:*
    cpe:2.3:a:splunk:splunk_cloud_platform:8.2.2111:*:*:*:*:*:*:*
  • cpe:2.3:a:splunk:splunk_cloud_platform:8.2.2112:*:*:*:*:*:*:*
    cpe:2.3:a:splunk:splunk_cloud_platform:8.2.2112:*:*:*:*:*:*:*
  • cpe:2.3:a:splunk:splunk_cloud_platform:8.2.2201:*:*:*:*:*:*:*
    cpe:2.3:a:splunk:splunk_cloud_platform:8.2.2201:*:*:*:*:*:*:*
  • cpe:2.3:a:splunk:splunk_cloud_platform:8.2.2202:*:*:*:*:*:*:*
    cpe:2.3:a:splunk:splunk_cloud_platform:8.2.2202:*:*:*:*:*:*:*
  • cpe:2.3:a:splunk:splunk_cloud_platform:8.2.2203:*:*:*:*:*:*:*
    cpe:2.3:a:splunk:splunk_cloud_platform:8.2.2203:*:*:*:*:*:*:*
  • cpe:2.3:a:splunk:splunk_cloud_platform:9.0.2209:*:*:*:*:*:*:*
    cpe:2.3:a:splunk:splunk_cloud_platform:9.0.2209:*:*:*:*:*:*:*
  • cpe:2.3:a:splunk:splunk_cloud_platform:9.0.2209.3:*:*:*:*:*:*:*
    cpe:2.3:a:splunk:splunk_cloud_platform:9.0.2209.3:*:*:*:*:*:*:*
CVSS3 Source nvd@nist.gov
CVSS3 Type Primary
CVSS3 Vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

ATOM RSS Feed Link for CVE Vulnerabilities

CVE Data Propulsed by AKAOMA CyberSecurity