Vulnerabilities > CVE-2023-22936 - Server-Side Request Forgery (SSRF) vulnerability in Splunk and Splunk Cloud Platform

CVSS 6.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

LOW

network

low complexity

splunk

CWE-918

NVD

Published: 2023-02-14

Updated: 2024-04-10

Summary

In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘search_listener’ parameter in a search allows for a blind server-side request forgery (SSRF) by an authenticated user. The initiator of the request cannot see the response without the presence of an additional vulnerability within the environment.

Vulnerable Configurations

Part	Description	Count
Application	Splunk Splunk Splunk 8.2.0 Splunk Splunk 8.2.9 Splunk Splunk 8.1.0 Splunk Splunk 8.1.1 Splunk Splunk 8.1.2 Splunk Splunk 8.1.4 Splunk Splunk 8.1.5 Splunk Splunk 8.1.6 Splunk Splunk 8.1.7 Splunk Splunk 8.1.12 Splunk Splunk 9.0.0 Splunk Splunk 9.0.3 Splunk Splunk Cloud Platform - Splunk Splunk Cloud Platform 8.1.2103 Splunk Splunk Cloud Platform 8.2.2105 Splunk Splunk Cloud Platform 8.2.2106 Splunk Splunk Cloud Platform 8.2.2107 Splunk Splunk Cloud Platform 8.2.2109 Splunk Splunk Cloud Platform 8.2.2111 Splunk Splunk Cloud Platform 8.2.2112 Splunk Splunk Cloud Platform 8.2.2201 Splunk Splunk Cloud Platform 8.2.2202 Splunk Splunk Cloud Platform 8.2.2203 Splunk Splunk Cloud Platform 9.0.2209	24

Common Weakness Enumeration (CWE)

CWE-918 - Server-Side Request Forgery (SSRF)

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References