Home / exploits Splunk Enterprise Account Takeover
Posted on 11 September 2023
Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14 allows low-privileged users who hold a role with edit_user capability assigned to it the ability to escalate their privileges to that of the admin user by providing specially crafted web requests.