CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2024-29946: Risky command safeguards bypass in Dashboard Examples Hub

8.1 CVSS

Description

In Splunk Enterprise versions below 9.2.1, 9.1.4, and 9.0.9, the Dashboard Examples Hub lacks protections for risky SPL commands. This could let attackers bypass SPL safeguards for risky commands in the Hub. The vulnerability would require the attacker to phish the victim by tricking them into initiating a request within their browser.

Classification

CVE ID: CVE-2024-29946

CVSS Base Severity: HIGH

CVSS Base Score: 8.1

Affected Products

Vendor: Splunk

Product: Splunk Enterprise

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.09% (probability of being exploited)

EPSS Percentile: 40.82% (scored less or equal to compared to others)

EPSS Date: 2025-02-03 (when was this score calculated)

References

https://advisory.splunk.com/advisories/SVD-2024-0302
https://research.splunk.com/application/1cf58ae1-9177-40b8-a26c-8966040f11ae/

Timeline

2025-01-03 00:30:18 UTC
CVE

Risky command safeguards bypass in Dashboard Examples Hub