CVE-2023-32713: Local Privilege Escalation via the ‘streamfwd’ program in Splunk App for Stream
First published: Thu Jun 01 2023(Updated: )
In Splunk App for Stream versions below 8.1.1, a low-privileged user could use a vulnerability in the streamfwd process within the Splunk App for Stream to escalate their privileges on the machine that runs the Splunk Enterprise instance, up to and including the root user.
Credit: prodsec@splunk.com prodsec@splunk.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Splunk Splunk App For Stream | <8.1.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2023-32713?
CVE-2023-32713 is a vulnerability in the Splunk App for Stream that allows a low-privileged user to escalate their privileges on the machine that runs the Splunk Enterprise instance, up to and including the root user.
How severe is CVE-2023-32713?
CVE-2023-32713 is considered critical with a severity score of 9.9 out of 10.
How can a low-privileged user exploit CVE-2023-32713?
A low-privileged user can exploit CVE-2023-32713 by using a vulnerability in the streamfwd process within the Splunk App for Stream.
Which versions of the Splunk App for Stream are affected by CVE-2023-32713?
Versions of the Splunk App for Stream below 8.1.1 are affected by CVE-2023-32713.
Is there a fix for CVE-2023-32713?
Yes, upgrading to version 8.1.1 or above of the Splunk App for Stream fixes CVE-2023-32713.
- collector/nvd-latest
- collector/nvd-index
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- agent/author
- agent/references
- agent/title
- agent/weakness
- agent/tags
- agent/severity
- agent/description
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/splunk
- canonical/splunk splunk app for stream