CVE-2023-32707 — Vulnetix

Try Vulnetix Request Demo

CVE-2023-32707 PUBLISHED

In Splunk Splunk Enterprise existieren mehrere Schwachstellen. Die Ursachen sind unter anderem ungenügende Zugriffs- und Eingabekontrollen und Path-Traversal, http Response Splitting und Cross Site Scripting Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern, Daten zu manipulieren oder offenzulegen, Sicherheitsvorkehrungen zu umgehen, oder einen Denial of Service zu verursachen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion oder eine Anmeldung erforderlich.

EPSS 82.68% · 99.2th percentile

Risk Scores

EPSS Score

82.68%

99.2th percentile

Timeline

Jun 1, 2023 Metasploit Module
Jun 1, 2023 CVE Published
Jun 2, 2023 EPSS Score
Sep 11, 2023 PoC Published
Oct 26, 2023 PoC Published
Oct 27, 2023 EPSS Score
Oct 28, 2023 EPSS Score
Oct 30, 2023 PoC Published
Nov 1, 2023 EPSS Score
Jan 29, 2024 EPSS Score
Apr 7, 2024 EPSS Score
Apr 20, 2024 EPSS Score

References

https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1346.json advisory
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1346 advisory
https://www.exploit-db.com/exploits/51747 exploit
https://advisory.splunk.com//advisories/SVD-2023-0612 advisory
https://advisory.splunk.com//advisories/SVD-2023-0611 advisory
https://advisory.splunk.com//advisories/SVD-2023-0610 advisory
https://advisory.splunk.com//advisories/SVD-2023-0609 advisory
https://advisory.splunk.com//advisories/SVD-2023-0608 advisory
https://advisory.splunk.com//advisories/SVD-2023-0607 advisory
https://advisory.splunk.com//advisories/SVD-2023-0606 advisory
https://advisory.splunk.com//advisories/SVD-2023-0605 advisory
https://advisory.splunk.com//advisories/SVD-2023-0604 advisory
https://advisory.splunk.com//advisories/SVD-2023-0603 advisory
https://advisory.splunk.com//advisories/SVD-2023-0602 advisory
https://advisory.splunk.com//advisories/SVD-2023-0601 advisory

Open in Interactive Console →