CVE-2024-36989

Published: Jul 1, 2024Modified: Nov 21, 2024

4.3

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Exploitability: 2.8 / Impact: 1.4

Source: NVD

Description

In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200, a low-privileged user that does not hold the admin or power Splunk roles could create notifications in Splunk Web Bulletin Messages that all users on the instance receive.

Affected (4)

Products: Splunk: Cloud, Splunk

2 products

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Splunk Cloud	From 9.1.2312 to 9.1.2312.200
Splunk Splunk	From 9.0.0 to 9.0.10
Splunk Splunk	From 9.1.0 to 9.1.5
Splunk Splunk	From 9.2.0 to 9.2.2

Related CWEs

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (4)

https://advisory.splunk.com/advisories/SVD-2024-0709

Source: prodsec@splunk.com

Vendor Advisory

https://research.splunk.com/application/4b7f368f-4322-47f8-8363-2c466f0b7030

Source: prodsec@splunk.com

Vendor Advisory

https://advisory.splunk.com/advisories/SVD-2024-0709

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://research.splunk.com/application/4b7f368f-4322-47f8-8363-2c466f0b7030

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.