CVE-2024-23677

🗓️ 22 Jan 2024 20:37:41Reported by SplunkType

Splunk Enterprise < 9.0.8 discloses external app server responses in lo

Reporter	Title	Published	Views	Family All 10
Circl	CVE-2024-23677	22 Jan 202422:26	–	circl
CNNVD	Splunk Security Breach	22 Jan 202400:00	–	cnnvd
Cvelist	CVE-2024-23677 Server Response Disclosure in RapidDiag Salesforce.com Log File	22 Jan 202420:37	–	cvelist
EUVD	EUVD-2024-21148	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in Splunk	23 Jan 202400:00	–	ncsc
NVD	CVE-2024-23677	22 Jan 202421:15	–	nvd
Prion	Code injection	22 Jan 202421:15	–	prion
Positive Technologies	PT-2024-1240 · Splunk · Splunk Enterprise	22 Jan 202400:00	–	ptsecurity
Tenable Nessus	Splunk Enterprise 9.0.0 < 9.0.8 (SVD-2024-0107)	22 Jan 202400:00	–	nessus
Vulnrichment	CVE-2024-23677 Server Response Disclosure in RapidDiag Salesforce.com Log File	22 Jan 202420:37	–	vulnrichment

NVD

Node

splunk cloudRange<9.0.2208

splunk splunkRange9.0.0–9.0.8enterprise

[
  {
    "product": "Splunk Enterprise",
    "vendor": "Splunk",
    "versions": [
      {
        "version": "9.0",
        "status": "affected",
        "versionType": "custom",
        "lessThan": "9.0.8"
      }
    ]
  },
  {
    "product": "Splunk Cloud",
    "vendor": "Splunk",
    "versions": [
      {
        "version": "-",
        "status": "affected",
        "versionType": "custom",
        "lessThan": "9.0.2208"
      }
    ]
  }
]

Source	Link
advisory	www.advisory.splunk.com/advisories/SVD-2024-0107

28 Feb 2025 11:03Current

5.2Medium risk

Vulners AI Score5.2

CVSS 3.14.3 - 5.3

EPSS0.00229

SSVC

CWE-532