Splunk Products Multiple Vulnerabilities
Release Date:
23 Jan 2024
4181
Views
RISK: Medium Risk
TYPE: Servers - Other Servers
Multiple vulnerabilities were identified in Splunk products. A remote attacker could exploit some of these vulnerabilities to trigger sensitive information disclosure and security restriction bypass on the targeted system.
Impact
- Security Restriction Bypass
- Information Disclosure
System / Technologies affected
- Splunk Cloud Platform: Splunk Web versions below 9.1.2308.200
- Splunk Cloud Platform: Splunk Web versions below 9.0.2208
- Splunk Enterprise: Splunk Web version 9.0.0 to 9.0.7
- Splunk Enterprise: Splunk Web version 9.1.0 to 9.1.2
- Splunk Cloud Platform: Splunk REST API versions below 9.1.2312.100
- Splunk Enterprise: Splunk REST API version 9.0.0 to 9.0.7
- Splunk Enterprise: Splunk REST API version 9.1.0 to 9.1.2
Solutions
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
- https://advisory.splunk.com/advisories/SVD-2024-0105
- https://advisory.splunk.com/advisories/SVD-2024-0106
- https://advisory.splunk.com/advisories/SVD-2024-0107
- https://advisory.splunk.com/advisories/SVD-2024-0108
Vulnerability Identifier
Source
Related Link
Share with