CVE-2024-53247 Remote Code Execution through Deserialization of Untrusted Data in Splunk Secure Gateway app

In Splunk Enterprise versions below 9.3.2, 9.2.4, and 9.1.7, and versions below 3.4.261 and 3.7.13 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user that does not hold the “admin“ or “power“ Splunk roles could perform a Remote Code Execution RCE...

CVE-2024-53247

CVE-2024-53247 affects Splunk Enterprise and the Splunk Secure Gateway app on Splunk Cloud Platform. It enables a low-privileged user (not admin/power) to achieve Remote Code Execution via deserialization issues, with root cause tied to jsonpickle handling in the affected components. Affected ver...

CVE-2024-53247 Remote Code Execution through Deserialization of Untrusted Data in Splunk Secure Gateway app

In Splunk Enterprise versions below 9.3.2, 9.2.4, and 9.1.7, and versions below 3.4.261 and 3.7.13 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user that does not hold the “admin“ or “power“ Splunk roles could perform a Remote Code Execution RCE...

Splunk Enterprise和Splunk Cloud Platform 安全漏洞

Splunk Cloud Platform and Splunk Enterprise are both products of Splunk Corporation, U.S.A. Splunk Cloud Platform is a powerful data collection, processing, and analytics service.Splunk Enterprise is a suite of data collection and analytics software. A security vulnerability exists in Splunk Clou...

Splunk Cloud Platform和Splunk Enterprise 安全漏洞

Splunk Cloud Platform and Splunk Enterprise are both products of Splunk Corporation, U.S.A. Splunk Cloud Platform is a powerful data collection, processing, and analytics service.Splunk Enterprise is a suite of data collection and analytics software. Splunk Cloud Platform and Splunk Enterprise ha...

Splunk Cloud Platform和Splunk Enterprise 安全漏洞

Splunk Cloud Platform and Splunk Enterprise are both products of Splunk, Inc. of the U.S.A. Splunk Cloud Platform is a powerful data collection, processing, and analytics service.Splunk Enterprise is a suite of data collection and analytics software. Splunk Cloud Platform and Splunk Enterprise ha...

Splunk Enterprise和Splunk Cloud Platform 安全漏洞

Splunk Cloud Platform and Splunk Enterprise are both products of Splunk, Inc. of the U.S.A. Splunk Cloud Platform is a powerful data collection, processing, and analytics service.Splunk Enterprise is a suite of data collection and analytics software. A security vulnerability exists in Splunk Clou...

Splunk Enterprise和Splunk Cloud Platform 安全漏洞

Splunk Cloud Platform and Splunk Enterprise are both products of Splunk, Inc. of the U.S.A. Splunk Cloud Platform is a powerful data collection, processing, and analytics service.Splunk Enterprise is a suite of data collection and analytics software. Splunk Cloud Platform and Splunk Enterprise ha...

PT-2024-35690 · Splunk · Splunk Cloud Platform +1

Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 9.3.0 Splunk Enterprise versions prior to 9.2.4 Splunk Enterprise versions prior to 9.1.7 Splunk Cloud Platform versions prior to 9.1.2312.206 Description: A low-privileged user without the "admin" or "powe...

Splunk Enterprise 9.1.0 < 9.1.7, 9.2.0 < 9.2.4, 9.3.0 < 9.3.2 (SVD-2024-1201)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2024-1201 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...

PT-2024-9875 · Splunk · Splunk Cloud Platform +2

Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 9.3.2, 9.2.4, and 9.1.7 Splunk Secure Gateway app on Splunk Cloud Platform versions prior to 3.2.462, 3.7.18, and 3.8.5 Description: The issue is related to improper access control in the Splunk Secure...

Splunk Enterprise 9.1.0 < 9.1.7, 9.2.0 < 9.2.4, 9.3.0 < 9.3.2 (SVD-2024-1204)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2024-1204 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...

Splunk Enterprise 9.1.0 < 9.1.7, 9.2.0 < 9.2.4 (SVD-2024-1203)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2024-1203 advisory. - In Splunk Enterprise versions below 9.3.0, 9.2.4, and 9.1.7 and Splunk Cloud Platform versions below 9.1.2312.206, a...

Splunk Enterprise 9.1.0 < 9.1.7, 9.2.0 < 9.2.4, 9.3.0 < 9.3.2 (SVD-2024-1202)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2024-1202 advisory. - In Splunk Enterprise versions below 9.3.2, 9.2.4, and 9.1.7 and Splunk Cloud Platform versions below 9.2.2406.107,...

PT-2024-9365 · Splunk · Splunk Secure Gateway App +1

Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 9.3.2 Splunk Enterprise versions prior to 9.2.4 Splunk Enterprise versions prior to 9.1.7 Splunk Secure Gateway app versions prior to 3.4.261 Splunk Secure Gateway app versions prior to 3.7.13 Description:...

The vulnerability of the final point of the Splunk Enterprise data model/web REST platform for operational analysis allows a malicious actor to trigger a service failure.

The vulnerability of the final point of the Splunk Enterprise data model/web REST platform for operational analysis is related to the execution of a loop with an unreachable exit condition. Exploiting this vulnerability allows a malicious actor to trigger a service failure using a specially creat...

VulnCheck KEV: CVE-2024-36991

In Splunk Enterprise on Windows versions below 9.2.2, 9.1.5, and 9.0.10, an attacker could perform a path traversal on the /modules/messaging/ endpoint in Splunk Enterprise on Windows. This vulnerability should only affect Splunk Enterprise on Windows...

The vulnerability of the PDF file export function of the pdfgen component of the Splunk Enterprise platform allows a malicious individual to gain unauthorized access to protected information.

The vulnerability of the PDF file export function of the pdfgen component of the Splunk Enterprise platform relates to access control deficiencies. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information from a remote location...

The vulnerability of the Splunk Enterprise platform’s SplunkD module for operational analytics allows a hacker to disclose protected information.

The vulnerability of the Splunk Enterprise platform for operational analysis involves insufficient protection for operational data. Exploiting this vulnerability can allow a malicious actor to disclose the protected information...

The vulnerability of the Splunk Enterprise platform’s SplunkD module for operational analysis allows a perpetrator to trigger a service failure.

The vulnerability of the Splunk Enterprise platform’s Splunkd component relates to an uncontrolled resource consumption due to an improperly formatted parameter named INGESTEVAL. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...