CVE-2024-36989
Description
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200, a low-privileged user that does not hold the admin or power Splunk roles could create notifications in Splunk Web Bulletin Messages that all users on the instance receive.
Risk Information
Base Score: 4.3 (MODERATE)
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
EPSS Score (Exploitation Probability): 0.279
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple Vulnerabilities are affected in Splunk Enterprise 7 (x64) 9.0.9 | Windows |
| Multiple Vulnerabilities are affected in Splunk Enterprise 7 (x64) 9.1.4 | Windows |
| Multiple Vulnerabilities are affected in Splunk Enterprise 7 (x64) 9.2.1 | Windows |
| Multiple Vulnerabilities are affected in Splunk Enterprise 7 9.0.9 | Windows |
| Multiple Vulnerabilities are affected in Splunk Enterprise 7 9.1.4 | Windows |
| Multiple Vulnerabilities are affected in Splunk Enterprise 7 9.2.1 | Windows |
| Multiple vulnerabilities are fixed in Splunk Enterprise 9 (MSI) (x64) (9.2.2) | Windows |
Patch Details
Patches provided by ManageEngine for this CVE:
| Patch ID | Patch Description |
|---|---|
| PATCH-353389 | Splunk Enterprise 9 (MSI) (x64) (9.4.6) |