CVE-2023-32709

CVSS V2 None CVSS V3 None
Description
In Splunk Enterprise versions below 9.0.5, 8.2.11. and 8.1.14, and Splunk Cloud Platform versions below 9.0.2303.100, a low-privileged user who holds the ‘user’ role can see the hashed version of the initial user name and password for the Splunk instance by using the ‘rest’ SPL command against the ‘conf-user-seed’ REST endpoint.
Overview
  • CVE ID
  • CVE-2023-32709
  • Assigner
  • Splunk
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2023-06-01T16:34:30.933Z
  • Last Modified Date
  • 2024-04-10T00:53:12.879Z
History
Created Old Value New Value Data Type Notes
2024-06-25 11:08:58 Added to TrackCVE