CVE-2024-53247
EUVD-2024-5191910.12.2024, 18:15
In Splunk Enterprise versions below 9.3.2, 9.2.4, and 9.1.7, and versions below 3.4.261 and 3.7.13 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user that does not hold the “admin“ or “power“ Splunk roles could perform a Remote Code Execution (RCE).Enginsight
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
| Vendor | Product | Version | Source |
|---|---|---|---|
| splunk | splunk | 9.3 ≤ 𝑥 < 9.3.2 | CNA |
| splunk | splunk | 9.2 ≤ 𝑥 < 9.2.4 | CNA |
| splunk | splunk | 9.1 ≤ 𝑥 < 9.1.7 | CNA |
| splunk | splunk | 3.7 ≤ 𝑥 < 3.7.13 | CNA |
| splunk | splunk | 3.4 ≤ 𝑥 < 3.4.261 | CNA |
Common Weakness Enumeration