CVE-2024-36997

Sažetak

In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312, an admin user could store and execute arbitrary JavaScript code in the browser context of another Splunk user through the conf-web/settings REST endpoint. This could potentially cause a persistent cross-site scripting (XSS) exploit.

Reference

https://advisory.splunk.com/advisories/SVD-2024-0717
https://research.splunk.com/application/ed1209ef-228d-4dab-9856-be9369925a5c
https://advisory.splunk.com/advisories/SVD-2024-0717
https://research.splunk.com/application/ed1209ef-228d-4dab-9856-be9369925a5c

CVSS

Base:	8.1
Impact:	5.8
Exploitability:	1.7

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	HIGH

Impact

Povjerljivost	Cjelovitost	Dostupnost
HIGH	HIGH	NONE

CVSS vektor

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N

Zadnje važnije ažuriranje

07-03-2025 - 16:48

Objavljeno

01-07-2024 - 17:15