HTTP Response Splitting Vulnerability in Splunk Enterprise and Splunk Cloud Platform

CVE-2023-32708 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

In Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform versions below 9.0.2303.100, a low-privileged user can trigger an HTTP response splitting vulnerability with the ‘rest’ SPL command, potentially allowing them to access other REST endpoints in the system arbitrarily.