PT-2023-23981 · Splunk · Splunk App For Stream+1
Ben Leonard-Lagarde
+1
·
Published
2023-06-01
·
Updated
2024-04-10
·
CVE-2023-32713
CVSS v3.1
9.9
Critical
| Vector | AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Splunk App for Stream versions prior to 8.1.1
Description
A low-privileged user could use a vulnerability in the
streamfwd process within the Splunk App for Stream to escalate their privileges on the machine that runs the Splunk Enterprise instance, up to and including the root user.Recommendations
For versions prior to 8.1.1, update to version 8.1.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the
streamfwd process to minimize the risk of exploitation.Fix
Improper Privilege Management
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Splunk App For Stream
Splunk Enterprise