We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
On Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, and in Splunk Cloud Platform versions below 9.0.2303.100, an unauthorized user can access the {{/services/indexing/preview}} REST endpoint to overwrite search results if they know the search ID (SID) of an existing search job.
Reserved 2023-05-11 | Published 2023-06-01 | Updated 2025-02-28 | Assigner SplunkScott Calvert, Splunk
advisory.splunk.com/advisories/SVD-2023-0612
research.splunk.com/...bbe26f95-1655-471d-8abd-3d32fafa86f8/
Support options