
CVSS: 5.3 • EPSS: 0% • CPEs: 4 • EXPL: 0

01 Jul 2024 — In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.109, an attacker could determine whether or not another user exists on the instance by deciphering the error response that they would likely receive from the instance when they attempt to log in. This disclosure could then lead to additional brute-force password-guessing attacks. This vulnerability would require that the Splunk platform instance uses the Security Assertion Markup Language (SAML) au... • https://advisory.splunk.com/advisories/SVD-2024-0716 • CWE-204: Observable Response Discrepancy

CVSS: 5.5 • EPSS: 0% • CPEs: 5 • EXPL: 0

01 Jul 2024 — In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.207, a low-privileged user that does not hold the admin or power Splunk roles could craft a malicious payload through a View and Splunk Web Bulletin Messages that could result in execution of unauthorized JavaScript code in the browser of a user. • https://advisory.splunk.com/advisories/SVD-2024-0714 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 7.1 • EPSS: 0% • CPEs: 4 • EXPL: 0

01 Jul 2024 — In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200, a low-privileged user that does not hold the admin or power Splunk roles could create notifications in Splunk Web Bulletin Messages that all users on the instance receive. • https://advisory.splunk.com/advisories/SVD-2024-0709 • CWE-284: Improper Access Control

CVSS: 6.8 • EPSS: 0% • CPEs: 4 • EXPL: 0

01 Jul 2024 — In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200, an authenticated, low-privileged user who does not hold the admin or power Splunk roles could upload a file with an arbitrary extension using the indexing/preview REST endpoint. • https://advisory.splunk.com/advisories/SVD-2024-0707 • CWE-434: Unrestricted Upload of File with Dangerous Type