CVE-2024-36994Cross-site Scripting in Cloud Platform

CWE-79Cross-site Scripting3 documents3 sources
Severity
5.4MEDIUMNVD
EPSS
1.2%
top 20.83%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Splunk Cloud PlatformSplunk EnterpriseSplunk
Timeline
PublishedJul 1

Description

In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.207, a low-privileged user that does not hold the admin or power Splunk roles could craft a malicious payload through a View and Splunk Web Bulletin Messages that could result in execution of unauthorized JavaScript code in the browser of a user.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:NExploitability: 2.3 | Impact: 2.7

Affected Packages4 packages

CVEListV5splunk/splunk_cloud_platform9.1.23089.1.2308.207+1
NVDsplunk/splunk_cloud_platform9.1.23129.1.2312.200+1
CVEListV5splunk/splunk_enterprise9.29.2.2+2
NVDsplunk/splunk9.0.09.0.10+2

🔴Vulnerability Details

2
GHSA
GHSA-32hm-m24x-pwrg: In Splunk Enterprise versions below 92024-07-01
CVEList
Persistent Cross-site Scripting (XSS) in Dashboard Elements2024-07-01
CVE-2024-36994 — Cross-site Scripting in Splunk | cvebase