10 matches found
Metasploit Wrap-Up 03/08/2024
New module content 2 GitLab Tags RSS feed email disclosure Authors: erruquill and n00bhaxor Type: Auxiliary Pull request: 18821 contributed by n00bhaxor Path: gather/gitlabtagsrssfeedemaildisclosure AttackerKB reference: CVE-2023-5612 Description: This adds an auxiliary module that leverages an...
Exploit for Improper Authorization in Splunk
CVE-2023-32707 An improved POC exploit based on the reported C...
Splunk "edit_user" Capability Privilege Escalation
A low-privileged user who holds a role that has the "edituser" capability assigned to it can escalate their privileges to that of the admin user by providing a specially crafted web request. This is because the "edituser" capability does not honor the "grantableRoles" setting in the authorize.con...
Splunk 9.0.5 - admin account take over
!/usr/bin/env python3 Exploit Title: Splunk 9.0.5 - admin account take over Author: Redway Security Discovery: Santiago Lopez CVE: CVE-2023-32707 Vendor Description: A low-privilege user who holds a role that has the edituser capability assigned to it can escalate their privileges to that of the...
Splunk Enterprise Account Takeover Exploit
Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14 allows low-privileged users who hold a role with edituser capability assigned to it the ability to escalate their privileges to that of the admin user by providing specially crafted web requests...
Splunk Enterprise Account Takeover
https://github.com/redwaysecurity/CVEs/blob/main/CVE-2023-32707/README.md !/usr/bin/env python3 Splunk admin account take over exploit - CVE-2023-32707 Author: Redway Security Discovery: Santiago Lopez Vendor Description: A low-privilege user who holds a role that has the edituser capability...
CVE-2023-32707
In versions of Splunk Enterprise below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform below version 9.0.2303.100, a low-privileged user who holds a role that has the ‘edituser’ capability assigned to it can escalate their privileges to that of the admin user by providing specially crafted w...
CVE-2023-32707 ‘edit_user’ Capability Privilege Escalation
In versions of Splunk Enterprise below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform below version 9.0.2303.100, a low-privileged user who holds a role that has the ‘edituser’ capability assigned to it can escalate their privileges to that of the admin user by providing specially crafted w...
CVE-2023-32707 ‘edit_user’ Capability Privilege Escalation
In versions of Splunk Enterprise below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform below version 9.0.2303.100, a low-privileged user who holds a role that has the ‘edituser’ capability assigned to it can escalate their privileges to that of the admin user by providing specially crafted w...
Splunk Enterprise 8.1.0 < 8.1.14, 8.2.0 < 8.2.11, 9.0.0 < 9.0.5 (SVD-2023-0602)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2023-0602 advisory. - In versions of Splunk Enterprise below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform below version 9.0.2303.100, a...