CVE-2024-45740 — Cross-site Scripting in Cloud Platform

CWE-79 — Cross-site Scripting3 documents3 sources

Severity

5.4MEDIUMNVD

EPSS

0.6%

top 30.45%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Splunk Cloud Platform Splunk Enterprise Splunk

Timeline

PublishedOct 14

Description

In Splunk Enterprise versions below 9.2.3 and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a malicious payload through Scheduled Views that could result in execution of unauthorized JavaScript code in the browser of a user.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:NExploitability: 2.3 | Impact: 2.7

Affected Packages4 packages

▶CVEListV5splunk/splunk_cloud_platform9.2.2403 — 9.2.2403.100

▶NVDsplunk/splunk_cloud_platform< 9.2.2403.100

▶CVEListV5splunk/splunk_enterprise9.2 — 9.2.3+1

▶NVDsplunk/splunk9.1.0 — 9.1.6+1

🔴Vulnerability Details

GHSA

GHSA-4vmx-gm8x-gpjr: In Splunk Enterprise versions below 9↗2024-10-14

▶

CVEList

Persistent Cross-Site Scripting (XSS) through Scheduled Views on Splunk Enterprise↗2024-10-14

▶