CVE-2024-53243: Sensitive Information Exposure in Enterprise

Severity: 4.3 MEDIUM (NVD)
EPSS: 0.2% (top 54.90%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Dec 10

Description

In Splunk Enterprise versions below 9.3.2, 9.2.4, and 9.1.7 and versions below 3.2.462, 3.7.18, and 3.8.5 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user that does not hold the "admin" or "power" Splunk roles could see alert search query responses using Splunk Secure Gateway App Key Value Store (KVstore) collections endpoints due to improper access control.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Exploitability: 2.8 | Impact: 1.4

Affected Packages (2 packages)

CVEListV5 | splunk/splunk_secure_gateway | 3.8 | 3.8.5 | +2
CVEListV5 | splunk/splunk_enterprise | 9.3 | 9.3.2 | +2

Vulnerability Details (2)

GHSA: GHSA-c93m-w54c-8g9x: In Splunk Enterprise versions below 9 (2024-12-10)
CVEList: Information Disclosure in Mobile Alert Responses in Splunk Secure Gateway (2024-12-10)