VDB
CVE-2023-32707
CVE-2023-32707
PUBLISHED
In Splunk Splunk Enterprise existieren mehrere Schwachstellen. Die Ursachen sind unter anderem ungenügende Zugriffs- und Eingabekontrollen und Path-Traversal, http Response Splitting und Cross Site Scripting Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern, Daten zu manipulieren oder offenzulegen, Sicherheitsvorkehrungen zu umgehen, oder einen Denial of Service zu verursachen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion oder eine Anmeldung erforderlich.
EPSS 82.68% · 99.3th percentile
Risk Scores
EPSS Score
82.68%
99.3th percentile
Exploit Intelligence
- An improved POC exploit based on the reported CVE on exploitdb (github-poc)
- An improved POC exploit based on the reported CVE on exploitdb (github-poc)
- An improved POC exploit based on the reported CVE on exploitdb (github-poc)
- An improved POC exploit based on the reported CVE on exploitdb (github-poc)
- An improved POC exploit based on the reported CVE on exploitdb (github-poc)
- An improved POC exploit based on the reported CVE on exploitdb (github-poc)
- CIRCL seen: CVE-2023-32707 (circl-sighting)
- CIRCL seen: CVE-2023-32707 (circl-sighting)
- CIRCL seen: CVE-2023-32707 (circl-sighting)
- CIRCL seen: CVE-2023-32707 (circl-sighting)
…and 9 more exploits
Timeline
- Jun 1, 2023 Metasploit Module
- Jun 1, 2023 CVE Published
- Jun 2, 2023 EPSS Score
- Sep 11, 2023 PoC Published
- Oct 26, 2023 PoC Published
- Oct 27, 2023 EPSS Score
- Oct 28, 2023 EPSS Score
- Oct 30, 2023 PoC Published
- Nov 1, 2023 EPSS Score
- Jan 29, 2024 EPSS Score
- Apr 7, 2024 EPSS Score
- Apr 20, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1346.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1346 advisory
- https://www.exploit-db.com/exploits/51747 exploit
- https://advisory.splunk.com//advisories/SVD-2023-0612 advisory
- https://advisory.splunk.com//advisories/SVD-2023-0611 advisory
- https://advisory.splunk.com//advisories/SVD-2023-0610 advisory
- https://advisory.splunk.com//advisories/SVD-2023-0609 advisory
- https://advisory.splunk.com//advisories/SVD-2023-0608 advisory
- https://advisory.splunk.com//advisories/SVD-2023-0607 advisory
- https://advisory.splunk.com//advisories/SVD-2023-0606 advisory
- https://advisory.splunk.com//advisories/SVD-2023-0605 advisory
- https://advisory.splunk.com//advisories/SVD-2023-0604 advisory
- https://advisory.splunk.com//advisories/SVD-2023-0603 advisory
- https://advisory.splunk.com//advisories/SVD-2023-0602 advisory
- https://advisory.splunk.com//advisories/SVD-2023-0601 advisory