4.3

CVE-2024-45737

Maintenance mode state change of App Key Value Store (KVStore) through Cross-Site Request Forgery (CSRF)

In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.108, and 9.1.2312.204, a low-privileged user that does not hold the "admin" or "power" Splunk roles could change the maintenance mode state of App Key Value Store (KVStore) through a Cross-Site Request Forgery (CSRF).
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SplunkSplunk SwEditionenterprise Version >= 9.1.0 < 9.1.6
SplunkSplunk SwEditionenterprise Version >= 9.2.0 < 9.2.3
SplunkSplunk Version9.3.0 SwEditionenterprise
SplunkSplunk Cloud Platform Version >= 9.1.2312 < 9.1.2312.204
SplunkSplunk Cloud Platform Version >= 9.2.2403.102 < 9.2.2403.108
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.21% 0.116
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 3.5 2.1 1.4
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
prodsec@splunk.com 4.3 2.8 1.4
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
CWE-352 Cross-Site Request Forgery (CSRF)

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

https://advisory.splunk.com/advisories/SVD-2024-1007
Vendor Advisory
https://research.splunk.com/application/34bac267-a89b-4bd7-a072-a48eef1f15b8/
Vendor Advisory