CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-45733 – Remote Code Execution (RCE) due to insecure session storage configuration in Splunk Enterprise on Windows
https://notcve.org/view.php?id=CVE-2024-45733
In Splunk Enterprise for Windows versions below 9.2.3 and 9.1.6, a low-privileged user that does not hold the "admin" or "power" Splunk roles could perform a Remote Code Execution (RCE) due to an insecure session storage configuration. • https://advisory.splunk.com/advisories/SVD-2024-1003 https://research.splunk.com/application/c97e0704-d9c6-454d-89ba-1510a987bf72 • CWE-502: Deserialization of Untrusted Data •
CVSS: 8.0EPSS: 0%CPEs: 3EXPL: 0CVE-2024-45731 – Potential Remote Command Execution (RCE) through arbitrary file write to Windows system root directory when Splunk Enterprise for Windows is installed on a separate disk
https://notcve.org/view.php?id=CVE-2024-45731
In Splunk Enterprise for Windows versions below 9.3.1, 9.2.3, and 9.1.6, a low-privileged user that does not hold the "admin" or "power" Splunk roles could write a file to the Windows system root directory, which has a default location in the Windows System32 folder, when Splunk Enterprise for Windows is installed on a separate drive. • https://advisory.splunk.com/advisories/SVD-2024-1001 https://research.splunk.com/application/c97e0704-d9c6-454d-89ba-1510a987bf72 • CWE-23: Relative Path Traversal •
CVSS: -EPSS: 0%CPEs: 1EXPL: 0CVE-2023-50780 – Apache ActiveMQ Artemis: Authenticated users could perform RCE via Jolokia MBeans
https://notcve.org/view.php?id=CVE-2023-50780
Apache ActiveMQ Artemis allows access to diagnostic information and controls through MBeans, which are also exposed through the authenticated Jolokia endpoint. Before version 2.29.0, this also included the Log4J2 MBean. This MBean is not meant for exposure to non-administrative users. This could eventually allow an authenticated attacker to write arbitrary files to the filesystem and indirectly achieve RCE. Users are recommended to upgrade to version 2.29.0 or later, which fixes the issue. • https://lists.apache.org/thread/63b78shqz312phsx7v1ryr7jv7bprg58 • CWE-285: Improper Authorization •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-7847 – RSLogix™ 5 and RSLogix 500® Remote Code Execution Via VBA Embedded Script
https://notcve.org/view.php?id=CVE-2024-7847
This feature can be abused to trick a legitimate user into executing malicious code upon opening an infected RSP/RSS project file. If exploited, a threat actor may be able to perform a remote code execution. • https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1701.html • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 8.6EPSS: 0%CPEs: 7EXPL: 0CVE-2024-9139 – OS Command Injection in Restricted Command
https://notcve.org/view.php?id=CVE-2024-9139
The affected product permits OS command injection through improperly restricted commands, potentially allowing attackers to execute arbitrary code. • https://www.moxa.com/en/support/product-support/security-advisory/mpsa-241154-missing-authentication-and-os-command-injection-vulnerabilities-in-routers-and-network-security-appliances • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •