CVE-2024-45737

In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.108, and 9.1.2312.204, a low-privileged user that does not hold the "admin" or "power" Splunk roles could change the maintenance mode state of App Key Value Store (KVStore) through a Cross-Site Request Forgery (CSRF).
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:splunk:splunk:9.3.0:*:*:*:enterprise:*:*:*
cpe:2.3:a:splunk:splunk_cloud_platform:*:*:*:*:*:*:*:*
cpe:2.3:a:splunk:splunk_cloud_platform:*:*:*:*:*:*:*:*

History

16 Oct 2024, 22:18

Type Values Removed Values Added
First Time Splunk splunk Cloud Platform
Splunk splunk
Splunk
CPE cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:splunk:splunk:9.3.0:*:*:*:enterprise:*:*:*
cpe:2.3:a:splunk:splunk_cloud_platform:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : 4.3
v2 : unknown
v3 : 3.5
References () https://advisory.splunk.com/advisories/SVD-2024-1007 - () https://advisory.splunk.com/advisories/SVD-2024-1007 - Vendor Advisory
References () https://research.splunk.com/application/34bac267-a89b-4bd7-a072-a48eef1f15b8/ - () https://research.splunk.com/application/34bac267-a89b-4bd7-a072-a48eef1f15b8/ - Vendor Advisory

15 Oct 2024, 12:57

Type Values Removed Values Added
Summary
  • (es) En las versiones de Splunk Enterprise anteriores a 9.3.1, 9.2.3 y 9.1.6 y en las versiones de Splunk Cloud Platform anteriores a 9.2.2403.108 y 9.1.2312.204, un usuario con privilegios bajos que no tenga los roles de "administrador" o "poder" de Splunk podría cambiar el estado del modo de mantenimiento de App Key Value Store (KVStore) a través de un Cross-Site Request Forgery (CSRF).

14 Oct 2024, 17:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-10-14 17:15

Updated : 2024-10-16 22:18


NVD link : CVE-2024-45737

Mitre link : CVE-2024-45737

CVE.ORG link : CVE-2024-45737


JSON object : View

Products Affected

splunk

  • splunk_cloud_platform
  • splunk
CWE
CWE-352

Cross-Site Request Forgery (CSRF)