PT-2023-7396 · Splunk · Splunk Enterprise+1
Danylo Dmytriiev
+1
·
Published
2023-05-10
·
Updated
2024-04-10
·
CVE-2023-32716
CVSS v2.0
6.8
Medium
| Vector | AV:N/AC:L/Au:S/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Splunk Enterprise versions prior to 9.0.5
Splunk Enterprise versions prior to 8.2.11
Splunk Enterprise versions prior to 8.1.14
Splunk Cloud Platform versions prior to 9.0.2303.100
Description
The issue is related to insufficient exception handling in the Splunk Enterprise platform for operational analysis. Exploitation of this issue can allow a remote attacker to cause a denial of service using the
dump SPL command. This can lead to the Splunk daemon crashing.Recommendations
For Splunk Enterprise versions prior to 9.0.5, update to version 9.0.5 or later.
For Splunk Enterprise versions prior to 8.2.11, update to version 8.2.11 or later.
For Splunk Enterprise versions prior to 8.1.14, update to version 8.1.14 or later.
For Splunk Cloud Platform versions prior to 9.0.2303.100, update to version 9.0.2303.100 or later.
As a temporary workaround, consider restricting access to the
dump SPL command to minimize the risk of exploitation.Fix
DoS
Improper Check for Exceptional Conditions
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Splunk Cloud Platform
Splunk Enterprise