OpenCVE

In Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform versions below 9.0.2303.100, an attacker can exploit a vulnerability in the {{dump}} SPL command to cause a denial of service by crashing the Splunk daemon.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Splunk	Splunk Splunk Cloud Platform

Configuration 1 [-]

OR	cpe:2.3:a:splunk:splunk:::::enterprise:::*
	cpe:2.3:a:splunk:splunk:::::enterprise:::*
	cpe:2.3:a:splunk:splunk:::::enterprise:::*
	cpe:2.3:a:splunk:splunk_cloud_platform::::::::

No data.

References

Link	Providers
https://advisory.splunk.com/advisories/SVD-2023-0611
https://research.splunk.com/application/fb0e6823-365f-48ed-b09e-272ac4c1dad6/

History

No history.

MITRE

Status: PUBLISHED

Assigner: Splunk

Published: 2023-06-01T16:34:29.168Z

Updated: 2024-10-30T15:06:47.023Z

Reserved: 2023-05-11T20:55:59.872Z

Link: CVE-2023-32716

Vulnrichment

No data.

NVD

Status : Modified

Published: 2023-06-01T17:15:10.630

Modified: 2024-11-21T08:03:54.430

Link: CVE-2023-32716

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-32716", "assignerOrgId": "42b59230-ec95-491e-8425-5a5befa1a469", "state": "PUBLISHED", "assignerShortName": "Splunk", "dateReserved": "2023-05-11T20:55:59.872Z", "datePublished": "2023-06-01T16:34:29.168Z", "dateUpdated": "2024-10-30T15:06:47.023Z"}, "containers": {"cna": {"affected": [{"product": "Splunk Enterprise", "vendor": "Splunk", "versions": [{"version": "8.1", "status": "affected", "versionType": "custom", "lessThan": "8.1.14"}, {"version": "8.2", "status": "affected", "versionType": "custom", "lessThan": "8.2.11"}, {"version": "9.0", "status": "affected", "versionType": "custom", "lessThan": "9.0.5"}]}, {"product": "Splunk Cloud Platform", "vendor": "Splunk", "versions": [{"version": "-", "status": "affected", "versionType": "custom", "lessThan": "9.0.2303.100"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "In Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform versions below 9.0.2303.100, an attacker can exploit a vulnerability in the {{dump}} SPL command to cause a denial of service by crashing the Splunk daemon."}], "value": "In Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform versions below 9.0.2303.100, an attacker can exploit a vulnerability in the {{dump}} SPL command to cause a denial of service by crashing the Splunk daemon."}], "references": [{"url": "https://advisory.splunk.com/advisories/SVD-2023-0611"}, {"url": "https://research.splunk.com/application/fb0e6823-365f-48ed-b09e-272ac4c1dad6/"}], "title": "Denial of Service via the 'dump' SPL command", "datePublic": "2023-06-01T00:00:00.000000", "metrics": [{"cvssV3_1": {"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "baseScore": 6.5, "baseSeverity": "MEDIUM"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "cwe", "description": "The software does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the software.", "cweId": "CWE-754"}]}], "source": {"advisory": "SVD-2023-0611"}, "credits": [{"lang": "en", "value": "Danylo Dmytriiev (DDV_UA)"}], "providerMetadata": {"orgId": "42b59230-ec95-491e-8425-5a5befa1a469", "shortName": "Splunk", "dateUpdated": "2024-10-30T15:06:47.023Z"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T15:25:36.564Z"}, "title": "CVE Program Container", "references": [{"url": "https://advisory.splunk.com/advisories/SVD-2023-0611", "tags": ["x_transferred"]}, {"url": "https://research.splunk.com/application/fb0e6823-365f-48ed-b09e-272ac4c1dad6/", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*", "matchCriteriaId": "285DAAE6-0931-41DA-A64A-25ED6A3BE2C5", "versionEndExcluding": "8.1.14", "versionStartIncluding": "8.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*", "matchCriteriaId": "E924894C-6C74-4F3B-B8FC-B3FDA0F487F3", "versionEndExcluding": "8.2.11", "versionStartIncluding": "8.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*", "matchCriteriaId": "4FF90BE2-6E2E-41F7-A77E-7547CBDD8596", "versionEndExcluding": "9.0.5", "versionStartIncluding": "9.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:splunk:splunk_cloud_platform:*:*:*:*:*:*:*:*", "matchCriteriaId": "97F2BD15-F25B-488B-B2AC-AD33239B4A27", "versionEndExcluding": "9.0.2303.100", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform versions below 9.0.2303.100, an attacker can exploit a vulnerability in the {{dump}} SPL command to cause a denial of service by crashing the Splunk daemon."}], "id": "CVE-2023-32716", "lastModified": "2024-11-21T08:03:54.430", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "prodsec@splunk.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-06-01T17:15:10.630", "references": [{"source": "prodsec@splunk.com", "tags": ["Vendor Advisory"], "url": "https://advisory.splunk.com/advisories/SVD-2023-0611"}, {"source": "prodsec@splunk.com", "tags": ["Vendor Advisory"], "url": "https://research.splunk.com/application/fb0e6823-365f-48ed-b09e-272ac4c1dad6/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://advisory.splunk.com/advisories/SVD-2023-0611"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://research.splunk.com/application/fb0e6823-365f-48ed-b09e-272ac4c1dad6/"}], "sourceIdentifier": "prodsec@splunk.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-754"}], "source": "prodsec@splunk.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-754"}], "source": "nvd@nist.gov", "type": "Primary"}]}