Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2024-23675

In Splunk Enterprise versions below 9.0.8 and 9.1.3, Splunk app key value store (KV Store) improperly handles permissions for users that use the REST application programming interface (API). This can potentially result in the deletion of KV Store collections.

  • Published: Jan 22, 2024
  • Updated: Jan 30, 2024
  • CVE: CVE-2024-23675
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 6.5
  • AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

CWEs:

Software From Fixed in
splunk / cloud - 9.1.2312.100
splunk / splunk 9.0.0 9.0.8
splunk / splunk 9.1.0 9.1.3