CVE-2023-32708: HTTP Response Splitting via the ‘rest’ SPL Command

7.2 CVSS

Description

In Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform versions below 9.0.2303.100, a low-privileged user can trigger an HTTP response splitting vulnerability with the ‘rest’ SPL command that lets them potentially access other REST endpoints in the system arbitrarily.

Classification

CVE ID: CVE-2023-32708

CVSS Base Severity: HIGH

CVSS Base Score: 7.2

Affected Products

Vendor: Splunk

Product: Splunk Enterprise

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.15% (probability of being exploited)

EPSS Percentile: 52.58% (share of scored vulnerabilities with an EPSS score less than or equal to this one)

EPSS Date: 2025-02-03 (date this score was calculated)

References

https://advisory.splunk.com/advisories/SVD-2023-0603
https://research.splunk.com/application/e615a0e1-a1b2-4196-9865-8aa646e1708c/

Timeline