nvd-json-data-feeds/CVE-2024/CVE-2024-369xx/CVE-2024-36983.json

{
  "id": "CVE-2024-36983",
  "sourceIdentifier": "prodsec@splunk.com",
  "published": "2024-07-01T17:15:06.257",
  "lastModified": "2025-03-07T17:13:55.270",
  "vulnStatus": "Analyzed",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.109 and 9.1.2308.207, an authenticated user could create an external lookup that calls a legacy internal function. The authenticated user could use this internal function to insert code into the Splunk platform installation directory. From there, the user could execute arbitrary code on the Splunk platform Instance."
    },
    {
      "lang": "es",
      "value": "En las versiones de Splunk Enterprise inferiores a 9.2.2, 9.1.5 y 9.0.10 y en las versiones de Splunk Cloud Platform inferiores a 9.1.2312.109 y 9.1.2308.207, un usuario autenticado podr\u00eda crear una b\u00fasqueda externa que llame a una funci\u00f3n interna heredada. El usuario autenticado podr\u00eda utilizar esta funci\u00f3n interna para insertar c\u00f3digo en el directorio de instalaci\u00f3n de la plataforma Splunk. Desde all\u00ed, el usuario podr\u00eda ejecutar c\u00f3digo arbitrario en la instancia de la plataforma Splunk."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "prodsec@splunk.com",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
          "baseScore": 8.0,
          "baseSeverity": "HIGH",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "REQUIRED",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH"
        },
        "exploitabilityScore": 2.1,
        "impactScore": 5.9
      },
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9
      }
    ]
  },
  "weaknesses": [
    {
      "source": "prodsec@splunk.com",
      "type": "Secondary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-77"
        }
      ]
    },
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-77"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*",
              "versionStartIncluding": "9.0.0",
              "versionEndExcluding": "9.0.10",
              "matchCriteriaId": "09264EE5-FA8A-49C5-AB1F-AEAC16CDC591"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*",
              "versionStartIncluding": "9.1.0",
              "versionEndExcluding": "9.1.5",
              "matchCriteriaId": "565039EE-74F6-451C-AFB3-F6C9F7AA0EEE"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*",
              "versionStartIncluding": "9.2.0",
              "versionEndExcluding": "9.2.2",
              "matchCriteriaId": "B1342052-4733-49BB-95F0-A89B07A3F2E3"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:splunk:splunk_cloud_platform:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "9.1.2308",
              "versionEndExcluding": "9.1.2308.207",
              "matchCriteriaId": "D220E842-2B15-416F-960B-397166883F9F"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:splunk:splunk_cloud_platform:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "9.1.2312",
              "versionEndExcluding": "9.1.2312.109",
              "matchCriteriaId": "F2E66C0D-BD3A-46CE-9578-068401F094C0"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://advisory.splunk.com/advisories/SVD-2024-0703",
      "source": "prodsec@splunk.com",
      "tags": [
        "Vendor Advisory"
      ]
    },
    {
      "url": "https://research.splunk.com/application/1cf58ae1-9177-40b8-a26c-8966040f11ae/",
      "source": "prodsec@splunk.com",
      "tags": [
        "Tool Signature"
      ]
    },
    {
      "url": "https://advisory.splunk.com/advisories/SVD-2024-0703",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ]
    },
    {
      "url": "https://research.splunk.com/application/1cf58ae1-9177-40b8-a26c-8966040f11ae/",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Tool Signature"
      ]
    }
  ]
}