CVE-2023-32716

Name of the Vulnerable Software and Affected Versions Splunk Enterprise versions prior to 9.0.5 Splunk Enterprise versions prior to 8.2.11 Splunk Enterprise versions prior to 8.1.14 Splunk Cloud Platform versions prior to 9.0.2303.100

Description The issue is related to insufficient exception handling in the Splunk Enterprise platform for operational analysis. Exploitation of this issue can allow a remote attacker to cause a denial of service using the dump SPL command. This can lead to the Splunk daemon crashing.

Recommendations For Splunk Enterprise versions prior to 9.0.5, update to version 9.0.5 or later. For Splunk Enterprise versions prior to 8.2.11, update to version 8.2.11 or later. For Splunk Enterprise versions prior to 8.1.14, update to version 8.1.14 or later. For Splunk Cloud Platform versions prior to 9.0.2303.100, update to version 9.0.2303.100 or later. As a temporary workaround, consider restricting access to the dump SPL command to minimize the risk of exploitation.