Showing 1 - 2 of 2

Files from Santiago Lopez

First Active	2023-09-11
Last Active	2023-10-27

Splunk edit_user Capability Privilege Escalation: Posted Oct 27, 2023; Authored by Heyder Andrade, RedWay Security, Santiago Lopez | Site metasploit.com; Splunk suffers from an issue where a low-privileged user who holds a role that has the edit_user capability assigned to it can escalate their privileges to that of the admin user by providing a specially crafted web request. This is because the edit_user capability does not honor the grantableRoles setting in the authorize.conf configuration file, which prevents this scenario from happening. This exploit abuses this vulnerability to change the admin password and login with it to upload a malicious app achieving remote code execution.; tags | exploit, remote, web, code execution; advisories | CVE-2023-32707; SHA-256 | 7181dfaec2f1f7eb973d6e9ba2bc3a477b83011115b041d9cb0b9ad5e441fc41; Download | Favorite | View

Splunk Enterprise Account Takeover: Posted Sep 11, 2023; Authored by RedWay Security, Santiago Lopez; Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14 allows low-privileged users who hold a role with edit_user capability assigned to it the ability to escalate their privileges to that of the admin user by providing specially crafted web requests.; tags | exploit, web; advisories | CVE-2023-32707; SHA-256 | ee316aee49399048f3f8b444810096f0c391a990229b819631e17d3b449329cf; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days