Lucene search

SplunkCVELIST:CVE-2024-23675

HistoryJan 22, 2024 - 8:37 p.m.

CVE-2024-23675 Splunk App Key Value Store (KV Store) Improper Handling of Permissions Leads to KV Store Collection Deletion

2024-01-2220:37:23

Splunk

www.cve.org

cve-2024-23675

splunk

app key value store

permissions

api

deletion

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

0.0005 Low

EPSS

Percentile

16.2%

JSON

In Splunk Enterprise versions below 9.0.8 and 9.1.3, Splunk app key value store (KV Store) improperly handles permissions for users that use the REST application programming interface (API). This can potentially result in the deletion of KV Store collections.

CNA Affected

[
  {
    "product": "Splunk Enterprise",
    "vendor": "Splunk",
    "versions": [
      {
        "version": "9.0",
        "status": "affected",
        "versionType": "custom",
        "lessThan": "9.0.8"
      },
      {
        "version": "9.1",
        "status": "affected",
        "versionType": "custom",
        "lessThan": "9.1.3"
      }
    ]
  },
  {
    "product": "Splunk Cloud",
    "vendor": "Splunk",
    "versions": [
      {
        "version": "-",
        "status": "affected",
        "versionType": "custom",
        "lessThan": "9.1.2312.100"
      }
    ]
  }
]

References

advisory.splunk.com/advisories/SVD-2024-0105

research.splunk.com/application/8f0e8380-a835-4f2b-b749-9ce119364df0/

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

0.0005 Low

EPSS

Percentile

16.2%

JSON

Related for CVELIST:CVE-2024-23675