CVE-2023-32710: Information Disclosure via the ‘copyresults’ SPL Command

4.8 CVSS

Description

In Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, and in Splunk Cloud Platform versions below 9.0.2303.100, a low-privileged user can perform an unauthorized transfer of data from a search using the ‘copyresults’ command if they know the search ID (SID) of a search job that has recently run.

Classification

CVE ID: CVE-2023-32710

CVSS Base Severity: MEDIUM

CVSS Base Score: 4.8

Affected Products

Vendor: Splunk

Product: Splunk Enterprise

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.06% (probability of being exploited)

EPSS Percentile: 27.26% (scored less or equal to compared to others)

EPSS Date: 2025-02-03 (when was this score calculated)

References

https://advisory.splunk.com/advisories/SVD-2023-0609

Timeline

2024-12-11 00:30:48 UTC
CVE

Information Disclosure via the ‘copyresults’ SPL Command