History: Jul 01, 2024 - 4:30 p.m.

CVE-2024-36992 Persistent Cross-site Scripting (XSS) in Dashboard Elements

2024-07-01 16:30:51
Splunk
github.com
cve-2024-36992; cross-site scripting; splunk enterprise; dashboard elements; input validation; unauthorized javascript code; user privileges; url parameter; splunk cloud platform

CVSS3: 5.4 Medium

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: REQUIRED
Scope: CHANGED
Confidentiality Impact: LOW
Integrity Impact: LOW
Availability Impact: NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

AI Score: 6.2 Medium (Confidence: High)

In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.207, a low-privileged user that does not hold the admin or power Splunk roles could craft a malicious payload through a View that could result in execution of unauthorized JavaScript code in the browser of a user. The “url” parameter of the Dashboard element does not have proper input validation to reject invalid URLs, which could lead to a Persistent Cross-site Scripting (XSS) exploit.

CNA Affected

[
  {
    "vendor": "Splunk",
    "product": "Splunk Enterprise",
    "versions": [
      {
        "status": "affected",
        "version": "9.2",
        "lessThan": "9.2.2",
        "versionType": "custom"
      },
      {
        "status": "affected",
        "version": "9.1",
        "lessThan": "9.1.5",
        "versionType": "custom"
      },
      {
        "status": "affected",
        "version": "9.0",
        "lessThan": "9.0.10",
        "versionType": "custom"
      }
    ]
  },
  {
    "vendor": "Splunk",
    "product": "Splunk Cloud Platform",
    "versions": [
      {
        "status": "affected",
        "version": "9.1.2312",
        "lessThan": "9.1.2312.200",
        "versionType": "custom"
      },
      {
        "status": "affected",
        "version": "9.1.2308",
        "lessThan": "9.1.2308.207",
        "versionType": "custom"
      }
    ]
  }
]
