CVE-2024-23675

Summary

In Splunk Enterprise versions below 9.0.8 and 9.1.3, Splunk app key value store (KV Store) improperly handles permissions for users that use the REST application programming interface (API). This can potentially result in the deletion of KV Store collections.

Affected Software

VendorProductVersion RangeStatus
SplunkSplunk Enterprise9.0 < 9.0.8affected
SplunkSplunk Enterprise9.1 < 9.1.3affected
SplunkSplunk Cloud- < 9.1.2312.100affected

Weaknesses

  • CWE-284: The software does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References