Lucene search

PRIOn knowledge basePRION:CVE-2024-23675

HistoryJan 22, 2024 - 9:15 p.m.

Design/Logic Flaw

2024-01-2221:15:00

PRIOn knowledge base

www.prio-n.com

flaw

splunk enterprise

kv store

permissions

deletion

api

7.1 High

AI Score

Confidence

Low

0.0005 Low

EPSS

Percentile

16.0%

JSON

In Splunk Enterprise versions below 9.0.8 and 9.1.3, Splunk app key value store (KV Store) improperly handles permissions for users that use the REST application programming interface (API). This can potentially result in the deletion of KV Store collections.

CPENameOperatorVersion
cloudlt9.1.2312.100
splunkge9.0.0
splunklt9.0.8
splunkge9.1.0
splunklt9.1.3

Name	Operator	Version
cloud	lt	9.1.2312.100
splunk	ge	9.0.0
splunk	lt	9.0.8
splunk	ge	9.1.0
splunk	lt	9.1.3

References

advisory.splunk.com/advisories/SVD-2024-0105

research.splunk.com/application/8f0e8380-a835-4f2b-b749-9ce119364df0/