4 matches found
Splunk Enterprise 8.1 < 8.1.13, 8.2.0 < 8.2.10, 9.0.0 < 9.0.4 (SVD-2023-0208)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2023-0208 advisory. - In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the sendemail' REST API endpoint lets any authenticated user...
CVE-2023-22938 Permissions Validation Failure in the ‘sendemail’ REST API Endpoint in Splunk Enterprise
In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘sendemail’ REST API endpoint lets any authenticated user send an email as the Splunk instance. The endpoint is now restricted to the ‘splunk-system-user’ account on the local instance...
CVE-2023-22938
CVE-2023-22938 affects Splunk Enterprise: in versions below 8.1.13, 8.2.10, and 9.0.4, the sendemail REST API endpoint allows any authenticated user to send an email as the Splunk instance. The root cause is improper permission validation on the endpoint, enabling unauthorized mail actions. The v...
CVE-2023-22938 Permissions Validation Failure in the ‘sendemail’ REST API Endpoint in Splunk Enterprise
In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘sendemail’ REST API endpoint lets any authenticated user send an email as the Splunk instance. The endpoint is now restricted to the ‘splunk-system-user’ account on the local instance...