CVE-2023-32713: Local Privilege Escalation via the ‘streamfwd’ program in Splunk App for Stream

7.8 CVSS

Description

In Splunk App for Stream versions below 8.1.1, a low-privileged user could use a vulnerability in the streamfwd process within the Splunk App for Stream to escalate their privileges on the machine that runs the Splunk Enterprise instance, up to and including the root user.

Classification

CVE ID: CVE-2023-32713

CVSS Base Severity: HIGH

CVSS Base Score: 7.8

Affected Products

Vendor: Splunk

Product: Splunk App for Stream

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.15% (probability of being exploited)

EPSS Percentile: 51.6% (share of scored vulnerabilities with an EPSS score less than or equal to this one)

EPSS Date: 2025-02-03 (date this score was calculated)

References

https://advisory.splunk.com/advisories/SVD-2023-0607

Timeline