The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2023-0208 advisory.
– In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the sendemail’ REST API endpoint lets any authenticated user send an email as the Splunk instance. The endpoint is now restricted to the splunk- system-user’ account on the local instance. (CVE-2023-22938)
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.Read More