Unrated severityNVD Advisory· Published Jun 1, 2023· Updated Feb 28, 2025
Information Disclosure via the ‘copyresults’ SPL Command
CVE-2023-32710
Description
In Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, and in Splunk Cloud Platform versions below 9.0.2303.100, a low-privileged user can perform an unauthorized transfer of data from a search using the ‘copyresults’ command if they know the search ID (SID) of a search job that has recently run.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4<9.0.2303.100+ 1 more
- (no CPE)range: <9.0.2303.100
- (no CPE)range: -
<9.0.5+ 1 more
- (no CPE)range: <9.0.5
- (no CPE)range: 8.1
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.