CVE-2023-32707 HIGH

CVE-2023-32707: ‘edit_user’ Capability Privilege Escalation

Vendor Splunk

Product Splunk Enterprise

Weakness CWE-285

Published June 1, 2023

Last update March 11, 2025

View on NVD All CVEs

CVSS base score

8.8/10

Attack vector Network

Attack complexity Low

Privileges required Low

User interaction None

Confidentiality High

Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

In versions of Splunk Enterprise below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform below version 9.0.2303.100, a low-privileged user who holds a role that has the ‘edit_user’ capability assigned to it can escalate their privileges to that of the admin user by providing specially crafted web requests.

Key dates

02Disclosure timeline

June 1, 2023 CVE published

March 11, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2023-32707

Related vulnerabilities

Identifiers

CVE CVE-2023-32707

CWE CWE-285

CVSS 8.8 / HIGH

Affected versions

Vendor Splunk

Product Splunk Enterprise

Affected ≥ 8.1 and < 8.1.14

Vendor Splunk

Product Splunk Enterprise

Affected ≥ 8.2 and < 8.2.11

Vendor Splunk

Product Splunk Enterprise

Affected ≥ 9.0 and < 9.0.5

Vendor Splunk

Product Splunk Cloud Platform

Affected ≥ - and < 9.0.2303.100

CVE-2023-32707: ‘edit_user’ Capability Privilege Escalation

01Description

02Disclosure timeline

03References

04Related CVE