{"vulnerability": "CVE-2023-22938", "sightings": [{"uuid": "638b62ef-aa71-429b-a019-f69e49e2f14d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22938", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8130", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-22938\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N)\n\ud83d\udd39 Description: In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the \u2018sendemail\u2019 REST API endpoint lets any authenticated user send an email as the Splunk instance. The endpoint is now restricted to the \u2018splunk-system-user\u2019 account on the local instance.\n\ud83d\udccf Published: 2023-02-14T17:24:46.893Z\n\ud83d\udccf Modified: 2025-03-19T18:53:03.165Z\n\ud83d\udd17 References:\n1. https://advisory.splunk.com/advisories/SVD-2023-0208", "creation_timestamp": "2025-03-19T19:18:25.000000Z"}, {"uuid": "ad100f57-9bb1-4c67-8021-054d81cfadb6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22938", "type": "seen", "source": "https://t.me/cibsecurity/58126", "content": "\u203c CVE-2023-22938 \u203c\n\nIn Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the \u00e2\u20ac\u02dcsendemail\u00e2\u20ac\u2122 REST API endpoint lets any authenticated user send an email as the Splunk instance. The endpoint is now restricted to the \u00e2\u20ac\u02dcsplunk-system-user\u00e2\u20ac\u2122 account on the local instance.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-14T20:35:51.000000Z"}]}