Splunk Enterprise Crash Vulnerability
CVE-2024-36982
7.5 HIGH
Key Information:
- Vendor: Splunk
- CVE Published: 1 July 2024
Summary
In certain versions of Splunk Enterprise and Splunk Cloud Platform, an attacker can trigger a null pointer reference on the cluster/config REST endpoint. This flaw may crash the Splunk daemon, affecting the availability and functionality of the affected services. Users of these versions should exercise caution and consider updating to fixed versions to mitigate the associated risks.
Affected Version(s)
Splunk Cloud Platform 9.1.2312 < 9.1.2312.109
Splunk Cloud Platform 9.1.2308 < 9.1.2308.207
Splunk Enterprise 9.2 < 9.2.2
CVSS V3.1
- Score: 7.5
- Severity: HIGH
- Confidentiality: None
- Integrity: None
- Availability: None
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Credit
d0nahu3