CVE-2023-32707: ‘edit_user’ Capability Privilege Escalation

8.8 CVSS

Description

In versions of Splunk Enterprise below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform below version 9.0.2303.100, a low-privileged user who holds a role that has the ‘edit_user’ capability assigned to it can escalate their privileges to that of the admin user by providing specially crafted web requests.

Classification

CVE ID: CVE-2023-32707

CVSS Base Severity: HIGH

CVSS Base Score: 8.8

Affected Products

Vendor: Splunk

Product: Splunk Enterprise

Exploit Prediction Scoring System (EPSS)

EPSS Score: 88.64% (estimated probability of exploitation in the wild within the next 30 days)

EPSS Percentile: 98.98% (share of all scored CVEs with an EPSS score less than or equal to this one)

EPSS Date: 2025-02-03 (date this score was calculated)

References

https://advisory.splunk.com/advisories/SVD-2023-0602
https://research.splunk.com/application/39e1c326-67d7-4c0d-8584-8056354f6593/

Timeline