Unrated severityNVD Advisory· Published Jun 1, 2023· Updated Feb 28, 2025
HTTP Response Splitting via the ‘rest’ SPL Command
CVE-2023-32708
Description
In Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform versions below 9.0.2303.100, a low-privileged user can trigger an HTTP response splitting vulnerability with the ‘rest’ SPL command that lets them potentially access other REST endpoints in the system arbitrarily.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4< 9.0.2303.100+ 1 more
- (no CPE)range: < 9.0.2303.100
- (no CPE)range: -
< 9.0.5, < 8.2.11, < 8.1.14+ 1 more
- (no CPE)range: < 9.0.5, < 8.2.11, < 8.1.14
- (no CPE)range: 8.1
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.