CVE-2024-36990

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-36990
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.2.2403.100, an authenticated, low-privileged user that does not hold the admin or power Splunk roles could send a specially crafted HTTP POST request to the datamodel/web REST endpoint in Splunk Enterprise, potentially causing a denial of service.

6.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://advisory.splunk.com/advisories/SVD-2024-0710 Vendor Advisory
https://research.splunk.com/application/45766810-dbb2-44d4-b889-b4ba3ee0d1f5 Exploit Vendor Advisory
https://advisory.splunk.com/advisories/SVD-2024-0710 Vendor Advisory
https://research.splunk.com/application/45766810-dbb2-44d4-b889-b4ba3ee0d1f5 Exploit Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:splunk:splunk_cloud_platform:*:*:*:*:*:*:*:*
cpe:2.3:a:splunk:splunk_cloud_platform:*:*:*:*:*:*:*:*
cpe:2.3:a:splunk:splunk_cloud_platform:*:*:*:*:*:*:*:*
History

21 Nov 2024, 09:22

Type Values Removed Values Added
References () https://advisory.splunk.com/advisories/SVD-2024-0710 - Vendor Advisory () https://advisory.splunk.com/advisories/SVD-2024-0710 - Vendor Advisory
References () https://research.splunk.com/application/45766810-dbb2-44d4-b889-b4ba3ee0d1f5 - Exploit, Vendor Advisory () https://research.splunk.com/application/45766810-dbb2-44d4-b889-b4ba3ee0d1f5 - Exploit, Vendor Advisory

21 Aug 2024, 14:29

Type Values Removed Values Added
CPE cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:splunk:splunk_cloud_platform:*:*:*:*:*:*:*:*
References () https://advisory.splunk.com/advisories/SVD-2024-0710 - () https://advisory.splunk.com/advisories/SVD-2024-0710 - Vendor Advisory
References () https://research.splunk.com/application/45766810-dbb2-44d4-b889-b4ba3ee0d1f5 - () https://research.splunk.com/application/45766810-dbb2-44d4-b889-b4ba3ee0d1f5 - Exploit, Vendor Advisory
First Time Splunk
Splunk splunk
Splunk splunk Cloud Platform

02 Jul 2024, 12:09

Type Values Removed Values Added
Summary
  • (es) En las versiones de Splunk Enterprise inferiores a 9.2.2, 9.1.5 y 9.0.10 y en las versiones de Splunk Cloud Platform inferiores a 9.2.2403.100, un usuario autenticado y con pocos privilegios que no tenga los roles de administrador o de poder de Splunk podría enviar un mensaje HTTP especialmente manipulado. Solicitud POST al modelo de datos/endpoint REST web en Splunk Enterprise, lo que podría provocar una denegación de servicio.

01 Jul 2024, 17:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-07-01 17:15

Updated : 2024-11-21 09:22

NVD link : CVE-2024-36990

Mitre link : CVE-2024-36990

CVE.ORG link : CVE-2024-36990

JSON object : View

Products Affected

splunk

  • splunk_cloud_platform
  • splunk
CWE
CWE-835

Loop with Unreachable Exit Condition ('Infinite Loop')


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024