CVSS: 7.8EPSS: 87%CPEs: 4EXPL: 9CVE-2024-36991 – Path Traversal on the “/modules/messaging/“ endpoint in Splunk Enterprise on Windows
https://notcve.org/view.php?id=CVE-2024-36991
01 Jul 2024 — In Splunk Enterprise on Windows versions below 9.2.2, 9.1.5, and 9.0.10, an attacker could perform a path traversal on the /modules/messaging/ endpoint in Splunk Enterprise on Windows. This vulnerability should only affect Splunk Enterprise on Windows. En las versiones de Splunk Enterprise en Windows inferiores a 9.2.2, 9.1.5 y 9.0.10, un atacante podría realizar un path traversal en el endpoint /modules/messaging/ en Splunk Enterprise en Windows. Esta vulnerabilidad solo debería afectar a Splunk Enterprise... • https://packetstorm.news/files/id/190154 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-35: Path Traversal: '.../ •
CVSS: 8.3EPSS: 0%CPEs: 3EXPL: 0CVE-2024-29945 – Splunk Authentication Token Exposure in Debug Log in Splunk Enterprise
https://notcve.org/view.php?id=CVE-2024-29945
27 Mar 2024 — In Splunk Enterprise versions below 9.2.1, 9.1.4, and 9.0.9, the software potentially exposes authentication tokens during the token validation process. This exposure happens when either Splunk Enterprise runs in debug mode or the JsonWebToken component has been configured to log its activity at the DEBUG logging level. En las versiones de Splunk Enterprise inferiores a 9.2.1, 9.1.4 y 9.0.9, el software potencialmente expone tokens de autenticación durante el proceso de validación del token. Esta exposición... • https://advisory.splunk.com/advisories/SVD-2024-0301 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 9.4EPSS: 0%CPEs: 3EXPL: 0CVE-2024-29946 – Risky command safeguards bypass in Dashboard Examples Hub
https://notcve.org/view.php?id=CVE-2024-29946
27 Mar 2024 — In Splunk Enterprise versions below 9.2.1, 9.1.4, and 9.0.9, the Dashboard Examples Hub lacks protections for risky SPL commands. This could let attackers bypass SPL safeguards for risky commands in the Hub. The vulnerability would require the attacker to phish the victim by tricking them into initiating a request within their browser. En las versiones de Splunk Enterprise inferiores a 9.2.1, 9.1.4 y 9.0.9, el Centro de ejemplos de paneles de la aplicación Splunk Dashboard Studio carece de protección para c... • https://advisory.splunk.com/advisories/SVD-2024-0302 • CWE-20: Improper Input Validation CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •