CVE-2023-32710 MEDIUM

CVE-2023-32710: Information Disclosure via the ‘copyresults’ SPL Command

Vendor Splunk
Product Splunk Enterprise
Weakness CWE-200 · Info exposure
Published June 1, 2023
Last update February 28, 2025
View on NVD All CVEs

CVSS base score

4.8/10
Attack vector Network
Attack complexity High
Privileges required Low
User interaction Required
Confidentiality High
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N

What the vulnerability does

01Description

In Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, and in Splunk Cloud Platform versions below 9.0.2303.100, a low-privileged user can perform an unauthorized transfer of data from a search using the ‘copyresults’ command if they know the search ID (SID) of a search job that has recently run.

Key dates

02Disclosure timeline

June 1, 2023 CVE published
February 28, 2025 Record updated

Related vulnerabilities

04Related CVE

CVE-2026-22604 OpenProject is vulnerable to user enumeration via the change password function CVE-2026-47124 Nezha WebSocket server stream discloses cross-tenant server telemetry to authenticated members CVE-2024-33003 Information Disclosure Vulnerability in SAP Commerce Cloud CVE-2026-0717 LottieFiles – Lottie block for Gutenberg <= 3.0.0 - Unauthenticated Sensitive Information Exposure CVE-2026-39857 Information Disclosure via `choices`/`counts` Query Parameters Bypassing publicApiProjection Field Restrictions