CVE-2024-36991: Path Traversal on the “/modules/messaging/” endpoint in Splunk Enterprise on Windows

7.5 CVSS

Description

In Splunk Enterprise on Windows versions below 9.2.2, 9.1.5, and 9.0.10, an attacker could perform a path traversal on the /modules/messaging/ endpoint. This vulnerability should only affect Splunk Enterprise on Windows.

Classification

CVE ID: CVE-2024-36991

CVSS Base Severity: HIGH

CVSS Base Score: 7.5

Affected Products

Vendor: Splunk

Product: Splunk Enterprise

Nuclei Template

http/cves/2024/CVE-2024-36991.yaml

Exploit Prediction Scoring System (EPSS)

EPSS Score: 12.01% (probability of being exploited)

EPSS Percentile: 95.38% (proportion of vulnerabilities scored less than or equal to this one)

EPSS Date: 2025-02-03 (when this score was calculated)

References

https://advisory.splunk.com/advisories/SVD-2024-0711
https://research.splunk.com/application/e7c2b064-524e-4d65-8002-efce808567aa

Timeline