CVE-2024-29946Improper Input Validation in Cloud Platform

CWE-20Improper Input ValidationCWE-77Command InjectionCWE-1287Improper Validation of Specified Type of Input3 documents3 sources
Severity
8.1HIGHNVD
EPSS
0.4%
top 41.05%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Splunk Cloud PlatformSplunk EnterpriseSplunk
Timeline
PublishedMar 27

Description

In Splunk Enterprise versions below 9.2.1, 9.1.4, and 9.0.9, the Dashboard Examples Hub lacks protections for risky SPL commands. This could let attackers bypass SPL safeguards for risky commands in the Hub. The vulnerability would require the attacker to phish the victim by tricking them into initiating a request within their browser.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:NExploitability: 2.8 | Impact: 5.2

Affected Packages3 packages

CVEListV5splunk/splunk_enterprise9.29.2.1+2
NVDsplunk/splunk9.0.09.0.9+2
CVEListV5splunk/splunk_cloud_platform-9.1.2312.104+1

🔴Vulnerability Details

2
GHSA
GHSA-fwr5-6x48-g3p6: In Splunk Enterprise versions below 92024-03-27
CVEList
Risky command safeguards bypass in Dashboard Examples Hub2024-03-27
CVE-2024-29946 — Improper Input Validation in Splunk | cvebase