exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 3

CVE-2024-36983

больше 1 года назад

In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.109 and 9.1.2308.207, an authenticated user could create an external lookup that calls a legacy internal function. The authenticated user could use this internal function to insert code into the Splunk platform installation directory. From there, the user could execute arbitrary code on the Splunk platform Instance.

CVSS3: 8

EPSS: Низкий

GHSA-62xc-vffq-mcgg

больше 1 года назад

In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.109 and 9.1.2308.207, an authenticated user could create an external lookup that calls a legacy internal function. The authenticated user could use this internal function to insert code into the Splunk platform installation directory. From there, the user could execute arbitrary code on the Splunk platform Instance.

CVSS3: 8

EPSS: Низкий

BDU:2024-07963

больше 1 года назад

Уязвимость технологии External Lookups платформы для операционного анализа Splunk Enterprise, позволяющая нарушителю повысить свои привилегии и выполнить произвольные команды

CVSS3: 8

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2024-36983 In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.109 and 9.1.2308.207, an authenticated user could create an external lookup that calls a legacy internal function. The authenticated user could use this internal function to insert code into the Splunk platform installation directory. From there, the user could execute arbitrary code on the Splunk platform Instance.	CVSS3: 8	2% Низкий	больше 1 года назад
GHSA-62xc-vffq-mcgg In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.109 and 9.1.2308.207, an authenticated user could create an external lookup that calls a legacy internal function. The authenticated user could use this internal function to insert code into the Splunk platform installation directory. From there, the user could execute arbitrary code on the Splunk platform Instance.	CVSS3: 8	2% Низкий	больше 1 года назад
BDU:2024-07963 Уязвимость технологии External Lookups платформы для операционного анализа Splunk Enterprise, позволяющая нарушителю повысить свои привилегии и выполнить произвольные команды	CVSS3: 8	2% Низкий	больше 1 года назад

Уязвимостей на страницу