CVE-2024-53247: Deserialization of Untrusted Data in Splunk Enterprise

Severity: 8.8 HIGH (NVD)
EPSS: 3.1% (top 13.28%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Dec 10, 2024

Description

In Splunk Enterprise versions below 9.3.2, 9.2.4, and 9.1.7, and in versions below 3.4.261 and 3.7.13 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user who does not hold the "admin" or "power" Splunk roles could achieve Remote Code Execution (RCE) through deserialization of untrusted data.
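The description lists the first fixed release on each affected branch. The following is an added example, not code from cvebase or Splunk, that turns those version boundaries into a check a practitioner can run against a version string (for example the first line printed by `$SPLUNK_HOME/bin/splunk version`). Two assumptions are not stated on the page and are labelled in the code: branches older than the oldest listed branch (e.g. 9.0.x) are treated as affected, and branches newer than the newest listed one (e.g. 9.4.x) as outside the listed ranges. The sample `splunk version` output is constructed.

```python
"""Version-range check for CVE-2024-53247 (added example, not from the page).

The fixed versions come from the CVE description; the handling of branches the
description does not mention is an assumption (see FIRST_FIXED / is_affected).
"""
import re
from typing import Dict, Tuple

Version = Tuple[int, ...]

# First fixed release per (major, minor) branch, as stated in the description.
FIRST_FIXED: Dict[str, Dict[Tuple[int, int], Version]] = {
    "splunk_enterprise": {
        (9, 3): (9, 3, 2),
        (9, 2): (9, 2, 4),
        (9, 1): (9, 1, 7),
    },
    "splunk_secure_gateway": {
        (3, 7): (3, 7, 13),
        (3, 4): (3, 4, 261),
    },
}


def parse_version(text: str) -> Version:
    """Extract the first dotted version number from text, e.g.
    'Splunk 9.1.6 (build ...)' -> (9, 1, 6). Anything after it is ignored."""
    m = re.search(r"(\d+(?:\.\d+)+)", text)
    if not m:
        raise ValueError(f"no version number found in {text!r}")
    return tuple(int(part) for part in m.group(1).split("."))


def is_affected(product: str, version_text: str) -> bool:
    """True if the version is below the first fixed release on its branch.

    Assumption: a branch older than the oldest branch listed in the description
    (e.g. Enterprise 9.0.x) never received the fix and is reported as affected;
    a branch newer than the newest listed one (e.g. 9.4.x) is reported as not
    affected because the description lists no fix for it.
    """
    fixes = FIRST_FIXED[product]
    v = parse_version(version_text)
    branch = v[:2]
    if branch in fixes:
        return v < fixes[branch]
    return branch < min(fixes)


def check_splunk_version_output(output: str) -> bool:
    """Convenience wrapper for the text printed by `splunk version`."""
    return is_affected("splunk_enterprise", output)


if __name__ == "__main__":
    # Constructed sample output; the build hash is made up.
    sample = "Splunk 9.2.3 (build 0b8d769cb912)"
    print(sample, "->", "AFFECTED" if check_splunk_version_output(sample) else "fixed")
    for ver in ("9.1.6", "9.1.7", "9.3.1", "9.3.2", "9.0.5", "9.4.0"):
        print("splunk_enterprise", ver, "->", is_affected("splunk_enterprise", ver))
    for ver in ("3.4.260", "3.4.261", "3.7.12", "3.7.13"):
        print("splunk_secure_gateway", ver, "->", is_affected("splunk_secure_gateway", ver))
```

The check compares integer tuples rather than strings so that 3.4.261 sorts after 3.4.99, which a lexical comparison would get wrong.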

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 2.8 | Impact: 5.9

Affected Packages (2 packages)

Source      Package                        Branch   Fixed in   Other fixed versions
CVEListV5   splunk/splunk_secure_gateway   3.7      3.7.13     3.4.261 (1 more range)
CVEListV5   splunk/splunk_enterprise       9.3      9.3.2      9.2.4, 9.1.7 (2 more ranges)

Vulnerability Details (2 references)

GHSA      GHSA-529c-hjgw-g8wj: In Splunk Enterprise versions below 9   (2024-12-10)
CVEList   Remote Code Execution through Deserialization of Untrusted Data in Splunk Secure Gateway app   (2024-12-10)
CVE-2024-53247 — Deserialization of Untrusted Data | cvebase