admin/GobyVuls
1
0
Fork 0
mirror of https://github.com/gobysec/GobyVuls.git synced 2025-05-05 10:16:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update GobyVuls-Document.md

Browse Source
This commit is contained in:
Goby 2024-07-10 14:30:58 +08:00 committed by GitHub
parent 7d9aea3693
commit 91bc5edd52
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 22 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
GobyVuls-Document.md
View File

@ -1,7 +1,28 @@
# Goby History Update Vulnerability Total Document (Continuously Update)
The following content is an updated vulnerability from Goby. Some of the vulnerabilities are recorded on the screen for easy viewing.
**Updated document date: July 3, 2024**
**Updated document date: July 10, 2024**
## Splunk Enterprise for Windows /en-US/modules/messaging File Reading VulnerabilityCVE-2024-36991
| **Vulnerability** | Splunk Enterprise for Windows /en-US/modules/messaging File Reading VulnerabilityCVE-2024-36991) |
| :----: | :-----|
| **Chinese name** | Splunk Enterprise for Windows /en-US/modules/messaging 文件读取漏洞CVE-2024-36991 |
| **CVSS core** | 7.5 |
| **FOFA Query** (click to view the results directly)| [ app="splunk-Enterprise"](https://fofa.info/result?qbase64=Ym9keT0iX19zcGx1bmtkX3BhcnRpYWxzX18iICB8fCAoaGVhZGVyPSJTZXQtQ29va2llOiBzcGx1bmt3ZWJfdWlkPSIgJiYgYm9keT0iZW50ZXJwcmlzZSIp)|
| **Number of assets affected** | 218643 |
| **Description** |Splunk Enterprise is a data analysis and search tool used for real-time collection, monitoring, and analysis of big data generated by machines, such as log files, clickstreams, and sensor data. It enables users to correlate and analyze data across multiple sources and formats, providing insights into operational efficiency, security, and customer behavior. |
| **Impact** | In the Windows version of Splunk Enterprise, the Python os.path.join function is used to construct paths. This function, when processing paths, will remove the drive letter from the path marker if the drive letter in the path matches that in the constructed path. This allows attackers to access or modify files on the system by constructing specific requests.
Affected versions:
From 9.2.0 to 9.2.1 (excluding 9.2.2)
From 9.1.0 to 9.1.4 (excluding 9.1.5)
From 9.0.0 to 9.0.9 (excluding 9.0.10)|
![](https://s3.bmp.ovh/imgs/2024/07/10/cd9b5cdf1172c646.gif)
## GeoServer /geoserver/wfs Code Execution Vulnerability(CVE-2024-36401)