CVE-2024-53246

Summary

In Splunk Enterprise versions below 9.3.2, 9.2.4, and 9.1.7 and Splunk Cloud Platform versions below 9.3.2408.101, 9.2.2406.106, 9.2.2403.111, and 9.1.2312.206, an SPL command can potentially disclose sensitive information. The vulnerability requires the exploitation of another vulnerability, such as a Risky Commands Bypass, for successful exploitation.

Affected Software

VendorProductVersion RangeStatus
SplunkSplunk Enterprise9.3 < 9.3.2affected
SplunkSplunk Enterprise9.2 < 9.2.4affected
SplunkSplunk Enterprise9.1 < 9.1.7affected
SplunkSplunk Cloud Platform9.3.2408 < 9.3.2408.101affected
SplunkSplunk Cloud Platform9.2.2406 < 9.2.2406.106affected
SplunkSplunk Cloud Platform9.2.2403 < 9.2.2403.111affected
SplunkSplunk Cloud Platform9.1.2312 < 9.1.2312.206affected

Weaknesses

  • CWE-319: The software transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References