Splunk Products Multiple Vulnerabilities
Release Date:
16 Oct 2024
2834
Views
RISK: Medium Risk
TYPE: Servers - Other Servers
Multiple vulnerabilities were identified in Splunk products. A remote attacker could exploit some of these vulnerabilities to trigger cross-site scripting, denial of service condition, elevation of privilege, remote code execution, security restriction bypass and sensitive information disclosure on the targeted system.
Impact
- Cross-Site Scripting
- Denial of Service
- Elevation of Privilege
- Remote Code Execution
- Security Restriction Bypass
- Information Disclosure
System / Technologies affected
- Splunk Enterprise version 9.3.0
- Splunk Enterprise versions 9.2.0 to 9.2.3
- Splunk Enterprise versions 9.1.0 to 9.1.5
- Splunk Enterprise versions 9.0.0 to 9.0.9
- Splunk Cloud Platform versions 9.2.2403.102 to 9.2.2403.102
- Splunk Cloud Platform versions 9.1.2312.100 to 9.1.2312.109
- Splunk Cloud Platform versions below 9.1.2308.207
- Splunk Secure Gateway versions 3.6.0 to 3.6.16
- Splunk Secure Gateway versions below 3.4.259
Solutions
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
- https://advisory.splunk.com/advisories/SVD-2024-1001
- https://advisory.splunk.com/advisories/SVD-2024-1002
- https://advisory.splunk.com/advisories/SVD-2024-1003
- https://advisory.splunk.com/advisories/SVD-2024-1004
- https://advisory.splunk.com/advisories/SVD-2024-1005
- https://advisory.splunk.com/advisories/SVD-2024-1006
- https://advisory.splunk.com/advisories/SVD-2024-1007
- https://advisory.splunk.com/advisories/SVD-2024-1008
- https://advisory.splunk.com/advisories/SVD-2024-1009
- https://advisory.splunk.com/advisories/SVD-2024-1010
- https://advisory.splunk.com/advisories/SVD-2024-1011
Vulnerability Identifier
- CVE-2024-45731
- CVE-2024-45732
- CVE-2024-45733
- CVE-2024-45734
- CVE-2024-45735
- CVE-2024-45736
- CVE-2024-45737
- CVE-2024-45738
- CVE-2024-45739
- CVE-2024-45740
- CVE-2024-45741
Source
Related Link
- https://advisory.splunk.com/advisories/SVD-2024-1001
- https://advisory.splunk.com/advisories/SVD-2024-1002
- https://advisory.splunk.com/advisories/SVD-2024-1003
- https://advisory.splunk.com/advisories/SVD-2024-1004
- https://advisory.splunk.com/advisories/SVD-2024-1005
- https://advisory.splunk.com/advisories/SVD-2024-1006
- https://advisory.splunk.com/advisories/SVD-2024-1007
- https://advisory.splunk.com/advisories/SVD-2024-1008
- https://advisory.splunk.com/advisories/SVD-2024-1009
- https://advisory.splunk.com/advisories/SVD-2024-1010
- https://advisory.splunk.com/advisories/SVD-2024-1011
Related Tags
Share with