In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.108, and 9.1.2312.204, a low-privileged user that does not hold the "admin" or "power" Splunk roles could change the maintenance mode state of App Key Value Store (KVStore) through a Cross-Site Request Forgery (CSRF).
References
Link | Resource |
---|---|
https://advisory.splunk.com/advisories/SVD-2024-1007 | Vendor Advisory |
https://research.splunk.com/application/34bac267-a89b-4bd7-a072-a48eef1f15b8/ | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
16 Oct 2024, 22:18
Type | Values Removed | Values Added |
---|---|---|
First Time |
Splunk splunk Cloud Platform
Splunk splunk Splunk |
|
CPE | cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:* cpe:2.3:a:splunk:splunk:9.3.0:*:*:*:enterprise:*:*:* cpe:2.3:a:splunk:splunk_cloud_platform:*:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 3.5 |
References | () https://advisory.splunk.com/advisories/SVD-2024-1007 - Vendor Advisory | |
References | () https://research.splunk.com/application/34bac267-a89b-4bd7-a072-a48eef1f15b8/ - Vendor Advisory |
15 Oct 2024, 12:57
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
14 Oct 2024, 17:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-10-14 17:15
Updated : 2024-10-16 22:18
NVD link : CVE-2024-45737
Mitre link : CVE-2024-45737
CVE.ORG link : CVE-2024-45737
JSON object : View
Products Affected
splunk
- splunk_cloud_platform
- splunk
CWE
CWE-352
Cross-Site Request Forgery (CSRF)