What is CVE-2023-32712?

CVE-2023-32712 is a high-severity vulnerability in Splunk Enterprise, classified under Improper Output Neutralization for Logs. CVSS score: 8.6/10. Published 2023-06-01.

How severe is CVE-2023-32712?

High severity. CVSS v3 base score is 8.6 out of 10.

Vulnerability in Splunk Enterprise

CVE-2023-32712

In Splunk Enterprise versions below 9.1.0.2, 9.0.5.1, and 8.2.11.2, an attacker can inject American National Standards Institute (ANSI) escape codes into Splunk log files that, when a vulnerable terminal application reads them, can potenti…

EPSS: 0.003 (54.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.6 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H.

Affected products

Splunk Enterprise — versions 8.2, 9.0, 9.1
Splunk Universal Forwarder — versions 8.2, 9.0, 9.1

Weakness classification (CWE)

CWE-117 — Improper Output Neutralization for Logs

References

advisory.splunk.com/advisories/SVD-2023-0606
research.splunk.com/application/de3908dc-1298-446d-84b9-fa81d37e959b

Frequently asked questions

What is CVE-2023-32712?: CVE-2023-32712 is a high-severity vulnerability in Splunk Enterprise, classified under Improper Output Neutralization for Logs. CVSS score: 8.6/10. Published 2023-06-01.
How severe is CVE-2023-32712?: High severity. CVSS v3 base score is 8.6 out of 10.