admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2024/53xxx/CVE-2024-53246.json
CVE Team 0fe76c1c12
"-Synchronized-Data."
2024-12-10 19:01:01 +00:00

115 lines
4.7 KiB
JSON
Raw Blame History

{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-53246",
"ASSIGNER": "prodsec@splunk.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Splunk Enterprise versions below 9.3.2, 9.2.4, and 9.1.7 and Splunk Cloud Platform versions below 9.3.2408.101, 9.2.2406.106, 9.2.2403.111, and 9.1.2312.206, an SPL command can potentially disclose sensitive information. The vulnerability requires the exploitation of another vulnerability, such as a Risky Commands Bypass, for successful exploitation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "The software transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.",
"cweId": "CWE-319"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Splunk",
"product": {
"product_data": [
{
"product_name": "Splunk Enterprise",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "9.3",
"version_value": "9.3.2"
},
{
"version_affected": "<",
"version_name": "9.2",
"version_value": "9.2.4"
},
{
"version_affected": "<",
"version_name": "9.1",
"version_value": "9.1.7"
}
]
}
},
{
"product_name": "Splunk Cloud Platform",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "9.3.2408",
"version_value": "9.3.2408.101"
},
{
"version_affected": "<",
"version_name": "9.2.2406",
"version_value": "9.2.2406.106"
},
{
"version_affected": "<",
"version_name": "9.2.2403",
"version_value": "9.2.2403.111"
},
{
"version_affected": "<",
"version_name": "9.1.2312",
"version_value": "9.1.2312.206"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://advisory.splunk.com/advisories/SVD-2024-1204",
"refsource": "MISC",
"name": "https://advisory.splunk.com/advisories/SVD-2024-1204"
}
]
},
"source": {
"advisory": "SVD-2024-1204"
},
"impact": {
"cvss": [
{
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
}
]
}
}
Reference in New Issue View Git Blame Copy Permalink