CVE-2024-45737

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-45737
In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.108, and 9.1.2312.204, a low-privileged user that does not hold the "admin" or "power" Splunk roles could change the maintenance mode state of App Key Value Store (KVStore) through a Cross-Site Request Forgery (CSRF).

3.5 /10

CVSS v3 : LOW

V3 Legend

Vector :

Exploitability : 2.1 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

References
Link Resource
https://advisory.splunk.com/advisories/SVD-2024-1007 Vendor Advisory
https://research.splunk.com/application/34bac267-a89b-4bd7-a072-a48eef1f15b8/ Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:splunk:splunk:9.3.0:*:*:*:enterprise:*:*:*
cpe:2.3:a:splunk:splunk_cloud_platform:*:*:*:*:*:*:*:*
cpe:2.3:a:splunk:splunk_cloud_platform:*:*:*:*:*:*:*:*
History

16 Oct 2024, 22:18

Type Values Removed Values Added
CPE cpe:2.3:a:splunk:splunk_cloud_platform:*:*:*:*:*:*:*:*
cpe:2.3:a:splunk:splunk:9.3.0:*:*:*:enterprise:*:*:*
cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*
First Time Splunk splunk
Splunk
Splunk splunk Cloud Platform
CVSS v2 : unknown
v3 : 4.3 		v2 : unknown
v3 : 3.5
References () https://advisory.splunk.com/advisories/SVD-2024-1007 - () https://advisory.splunk.com/advisories/SVD-2024-1007 - Vendor Advisory
References () https://research.splunk.com/application/34bac267-a89b-4bd7-a072-a48eef1f15b8/ - () https://research.splunk.com/application/34bac267-a89b-4bd7-a072-a48eef1f15b8/ - Vendor Advisory

15 Oct 2024, 12:57

Type Values Removed Values Added
Summary
  • (es) En las versiones de Splunk Enterprise anteriores a 9.3.1, 9.2.3 y 9.1.6 y en las versiones de Splunk Cloud Platform anteriores a 9.2.2403.108 y 9.1.2312.204, un usuario con privilegios bajos que no tenga los roles de "administrador" o "poder" de Splunk podría cambiar el estado del modo de mantenimiento de App Key Value Store (KVStore) a través de un Cross-Site Request Forgery (CSRF).

14 Oct 2024, 17:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-10-14 17:15

Updated : 2024-10-16 22:18

NVD link : CVE-2024-45737

Mitre link : CVE-2024-45737

CVE.ORG link : CVE-2024-45737

JSON object : View

Products Affected

splunk

  • splunk_cloud_platform
  • splunk
CWE
CWE-352

Cross-Site Request Forgery (CSRF)