CVE-2024-29946
27.03.2024, 17:15
In Splunk Enterprise versions below 9.2.1, 9.1.4, and 9.0.9, the Dashboard Examples Hub lacks protections for risky SPL commands. This could let attackers bypass SPL safeguards for risky commands in the Hub. The vulnerability would require the attacker to phish the victim by tricking them into initiating a request within their browser.
| Vendor | Product | Version |
|---|---|---|
| splunk | splunk | 9.0.0 ≤ 𝑥 < 9.0.9 |
| splunk | splunk | 9.1.0 ≤ 𝑥 < 9.1.4 |
| splunk | splunk | 9.2.0 ≤ 𝑥 < 9.2.1 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-20 - Improper Input ValidationThe product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')The software constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.