exploitDog

CVE-2023-32713

Опубликовано: 01 июн. 2023

Источник: nvd

CVSS3: 7.8

CVSS3: 9.9

EPSS Низкий

Описание

In Splunk App for Stream versions below 8.1.1, a low-privileged user could use a vulnerability in the streamfwd process within the Splunk App for Stream to escalate their privileges on the machine that runs the Splunk Enterprise instance, up to and including the root user.

Ссылки

https://advisory.splunk.com/advisories/SVD-2023-0607
Vendor Advisory
https://advisory.splunk.com/advisories/SVD-2023-0607
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:splunk:splunk_app_for_stream:*:*:*:*:*:*:*:*

Версия до 8.1.1 (исключая)

EPSS

Процентиль: 37%

0.00156

Низкий

7.8 High

CVSS3

9.9 Critical

CVSS3

Дефекты

CWE-269

CWE-269

Связанные уязвимости

GHSA-9pgh-4g73-wwx9

CVSS3: 7.8

github

больше 2 лет назад

In Splunk App for Stream versions below 8.1.1, a low-privileged user could use a vulnerability in the streamfwd process within the Splunk App for Stream to escalate their privileges on the machine that runs the Splunk Enterprise instance, up to and including the root user.

EPSS

Процентиль: 37%

0.00156

Низкий

7.8 High

CVSS3

9.9 Critical

CVSS3

Дефекты

CWE-269

CWE-269