THREATINT
PUBLISHED

CVE-2023-32709

Low-privileged User can View Hashed Default Splunk Password



Assigner: Splunk
Reserved: 2023-05-11
Published: 2023-06-01
Updated: 2024-10-30

Description

In Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform versions below 9.0.2303.100, a low-privileged user who holds the ‘user’ role can see the hashed version of the initial user name and password for the Splunk instance by using the ‘rest’ SPL command against the ‘conf-user-seed’ REST endpoint.



MEDIUM: 4.3 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)

Product status

8.1 before 8.1.14: affected

8.2 before 8.2.11: affected

9.0 before 9.0.5: affected

- before 9.0.2303.100: affected

Credits

Anton (therceman)

References

https://advisory.splunk.com/advisories/SVD-2023-0604

https://research.splunk.com/application/a1be424d-e59c-4583-b6f9-2dcc23be4875/

cve.org CVE-2023-32709

nvd.nist.gov CVE-2023-32709
