Vulnerability CVE-2023-32709
Published: 2023-06-01

Description:
In Splunk Enterprise versions below 9.0.5, 8.2.11. and 8.1.14, and Splunk Cloud Platform versions below 9.0.2303.100, a low-privileged user who holds the ??user?? role can see the hashed version of the initial user name and password for the Splunk instance by using the ??rest?? SPL command against the ??conf-user-seed?? REST endpoint.

 References:
https://research.splunk.com/application/a1be424d-e59c-4583-b6f9-2dcc23be4875/
https://advisory.splunk.com/advisories/SVD-2023-0604
Copyright 2026, cxsecurity.com

 

Back to Top