Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-36990 |
Description: In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.2.2403.100, an authenticated, low-privileged user that does not hold the admin or power Splunk roles could send a specially crafted HTTP POST request to the datamodel/web REST endpoint in Splunk Enterprise, potentially causing a denial of service.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
December 11th, 2024 (5 months ago)
|
|
CVE-2024-36989 |
Description: In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200, a low-privileged user that does not hold the admin or power Splunk roles could create notifications in Splunk Web Bulletin Messages that all users on the instance receive.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
December 11th, 2024 (5 months ago)
|
|
CVE-2024-36987 |
Description: In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200, an authenticated, low-privileged user who does not hold the admin or power Splunk roles could upload a file with an arbitrary extension using the indexing/preview REST endpoint.
CVSS: MEDIUM (4.3) EPSS Score: 0.05%
December 11th, 2024 (5 months ago)
|
|
CVE-2024-36986 |
Description: In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.207, an authenticated user could run risky commands using the permissions of a higher-privileged user to bypass SPL safeguards for risky commands in the Analytics Workspace. The vulnerability requires the authenticated user to phish the victim by tricking them into initiating a request within their browser. The authenticated user should not be able to exploit the vulnerability at will.
CVSS: MEDIUM (6.3) EPSS Score: 0.05%
December 11th, 2024 (5 months ago)
|
|
CVE-2024-36985 |
Description: In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10, a low-privileged user that does not hold the admin or power Splunk roles could cause a Remote Code Execution through an external lookup that references the “splunk_archiver“ application.
CVSS: HIGH (8.8) EPSS Score: 0.04%
December 11th, 2024 (5 months ago)
|
|
CVE-2024-36984 |
Description: In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 on Windows, an authenticated user could execute a specially crafted query that they could then use to serialize untrusted data. The attacker could use the query to execute arbitrary code.
CVSS: HIGH (8.8) EPSS Score: 0.04%
December 11th, 2024 (5 months ago)
|
|
CVE-2024-36983 |
Description: In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.109 and 9.1.2308.207, an authenticated user could create an external lookup that calls a legacy internal function. The authenticated user could use this internal function to insert code into the Splunk platform installation directory. From there, the user could execute arbitrary code on the Splunk platform Instance.
CVSS: HIGH (8.0) EPSS Score: 0.04%
December 11th, 2024 (5 months ago)
|
|
CVE-2024-36982 |
Description: In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.109 and 9.1.2308.207, an attacker could trigger a null pointer reference on the cluster/config REST endpoint, which could result in a crash of the Splunk daemon.
CVSS: HIGH (7.5) EPSS Score: 0.05%
December 11th, 2024 (5 months ago)
|
|
CVE-2024-35272 |
Description: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVSS: HIGH (8.8) EPSS Score: 0.05%
December 11th, 2024 (5 months ago)
|
|
CVE-2024-35271 |
Description: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVSS: HIGH (8.8) EPSS Score: 0.05%
December 11th, 2024 (5 months ago)
|