CVE-2024-53245: Sensitive Information Exposure in Cloud Platform

Severity
4.3 MEDIUM (NVD)
CNA: 3.1
EPSS
0.4% (top 38.87%)
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published: Dec 10

Description

In Splunk Enterprise versions below 9.3.0, 9.2.4, and 9.1.7 and Splunk Cloud Platform versions below 9.1.2312.206, a low-privileged user that does not hold the "admin" or "power" Splunk roles, that has a username with the same name as a role with read access to dashboards, could see the dashboard name and the dashboard XML by cloning the dashboard.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Exploitability: 2.8 | Impact: 1.4

Affected Packages (4 packages)

CVEListV5 | splunk/splunk_cloud_platform | 9.1.2312 | 9.1.2312.206
NVD | splunk/splunk_cloud_platform | 9.1.2312 | 9.1.2312.206
CVEListV5 | splunk/splunk_enterprise | 9.2 | 9.2.4 | +1
NVD | splunk/splunk | 9.1.0 | 9.1.7 | +1

Vulnerability Details (2)

CVEList
Information Disclosure due to Username Collision with a Role that has the same Name as the User (2024-12-10)
GHSA
GHSA-qp49-g67r-vh5q: In Splunk Enterprise versions below 9 (2024-12-10)