In Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform versions below 9.0.2303.100, a low-privileged user can trigger an HTTP response splitting vulnerability with the ‘rest’ SPL command that lets them potentially access other REST endpoints in the system arbitrarily.
Product A handles inputs or steps differently than Product B, which causes A to perform incorrect actions based on its perception of B’s state.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Splunk | Splunk | 8.1.0 (including) | 8.1.14 (excluding) |
Splunk | Splunk | 8.2.0 (including) | 8.2.11 (excluding) |
Splunk | Splunk | 9.0.0 (including) | 9.0.5 (excluding) |
Splunk_cloud_platform | Splunk | * | 9.0.2303.100 (excluding) |