CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-22938

In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘sendemail’ REST API endpoint lets any authenticated user send an email as the Splunk instance. The endpoint is now restricted to the ‘splunk-system-user’ account on the local instance.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 55.1%

CVSS Severity

CVSS v3 Score 4.3

References

Products affected by CVE-2023-22938

Splunk » Splunk » Version: 8.1.0

cpe:2.3:a:splunk:splunk:8.1.0
Splunk » Splunk » Version: 8.1.1

cpe:2.3:a:splunk:splunk:8.1.1
Splunk » Splunk » Version: 8.1.12

cpe:2.3:a:splunk:splunk:8.1.12
Splunk » Splunk » Version: 8.1.2

cpe:2.3:a:splunk:splunk:8.1.2
Splunk » Splunk » Version: 8.1.4

cpe:2.3:a:splunk:splunk:8.1.4
Splunk » Splunk » Version: 8.1.5

cpe:2.3:a:splunk:splunk:8.1.5
Splunk » Splunk » Version: 8.1.6

cpe:2.3:a:splunk:splunk:8.1.6
Splunk » Splunk » Version: 8.1.7

cpe:2.3:a:splunk:splunk:8.1.7
Splunk » Splunk » Version: 8.2.0

cpe:2.3:a:splunk:splunk:8.2.0
Splunk » Splunk » Version: 8.2.9

cpe:2.3:a:splunk:splunk:8.2.9
Splunk » Splunk » Version: 9.0.0

cpe:2.3:a:splunk:splunk:9.0.0
Splunk » Splunk » Version: 9.0.3

cpe:2.3:a:splunk:splunk:9.0.3
Splunk » Splunk Cloud Platform » Version: N/A

cpe:2.3:a:splunk:splunk_cloud_platform:-
Splunk » Splunk Cloud Platform » Version: 8.1.2103

cpe:2.3:a:splunk:splunk_cloud_platform:8.1.2103
Splunk » Splunk Cloud Platform » Version: 8.2.2105

cpe:2.3:a:splunk:splunk_cloud_platform:8.2.2105
Splunk » Splunk Cloud Platform » Version: 8.2.2106

cpe:2.3:a:splunk:splunk_cloud_platform:8.2.2106
Splunk » Splunk Cloud Platform » Version: 8.2.2107

cpe:2.3:a:splunk:splunk_cloud_platform:8.2.2107
Splunk » Splunk Cloud Platform » Version: 8.2.2109

cpe:2.3:a:splunk:splunk_cloud_platform:8.2.2109
Splunk » Splunk Cloud Platform » Version: 8.2.2111

cpe:2.3:a:splunk:splunk_cloud_platform:8.2.2111
Splunk » Splunk Cloud Platform » Version: 8.2.2112

cpe:2.3:a:splunk:splunk_cloud_platform:8.2.2112
Splunk » Splunk Cloud Platform » Version: 8.2.2201

cpe:2.3:a:splunk:splunk_cloud_platform:8.2.2201
Splunk » Splunk Cloud Platform » Version: 8.2.2202

cpe:2.3:a:splunk:splunk_cloud_platform:8.2.2202
Splunk » Splunk Cloud Platform » Version: 8.2.2203

cpe:2.3:a:splunk:splunk_cloud_platform:8.2.2203
Splunk » Splunk Cloud Platform » Version: 9.0.2209

cpe:2.3:a:splunk:splunk_cloud_platform:9.0.2209

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-22938

Products

Pricing

Contact Us