Splunk Products Multiple Vulnerabilities
Release Date:
4 Nov 2024
2571
Views
RISK: Medium Risk
TYPE: Servers - Other Servers
Multiple vulnerabilities were identified in Splunk products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, remote code execution, security restriction bypass and sensitive information disclosure on the targeted system.
Impact
- Denial of Service
- Remote Code Execution
- Security Restriction Bypass
- Information Disclosure
System / Technologies affected
- Splunk Enterprise versions 9.1.0 to 9.1.5
- Splunk Enterprise versions 9.2.0 to 9.2.2
- Splunk Enterprise versions 9.3.0
- Splunk Add-on for Cisco Meraki versions below 2.2.0
- Splunk Add-on for Google Cloud Platform versions below 4.7.0
- Splunk Add-on for Office 365 versions below 4.5.2
Solutions
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
- https://advisory.splunk.com/advisories/SVD-2024-1012
- https://advisory.splunk.com/advisories/SVD-2024-1013
- https://advisory.splunk.com/advisories/SVD-2024-1014
- https://advisory.splunk.com/advisories/SVD-2024-1015
Vulnerability Identifier
- CVE-2015-3276
- CVE-2017-14159
- CVE-2017-17740
- CVE-2019-13057
- CVE-2019-13565
- CVE-2020-12243
- CVE-2020-15719
- CVE-2020-25692
- CVE-2020-36221
- CVE-2020-36222
- CVE-2020-36223
- CVE-2020-36224
- CVE-2020-36225
- CVE-2020-36226
- CVE-2020-36227
- CVE-2020-36228
- CVE-2020-36229
- CVE-2020-36230
- CVE-2021-27212
- CVE-2022-29155
- CVE-2022-42969
- CVE-2023-2953
- CVE-2023-3978
- CVE-2023-26125
- CVE-2023-29401
- CVE-2023-32681
- CVE-2023-39318
- CVE-2023-39319
- CVE-2023-39320
- CVE-2023-39321
- CVE-2023-39322
- CVE-2023-39323
- CVE-2023-39325
- CVE-2023-39326
- CVE-2023-43804
- CVE-2023-44487
- CVE-2023-45142
- CVE-2023-45283
- CVE-2023-45284
- CVE-2023-45285
- CVE-2023-45288
- CVE-2023-45803
- CVE-2023-47108
- CVE-2023-48795
- CVE-2023-50658
- CVE-2024-3651
- CVE-2024-24557
- CVE-2024-24786
- CVE-2024-24790
- CVE-2024-28180
- CVE-2024-34062
- CVE-2024-35195
- CVE-2024-37891
- CVE-2024-39689
Source
Related Link
Related Tags
Share with