Splunk Cloud 9.1.2308.200

CPE Details

Splunk Cloud 9.1.2308.200
splunk
cloud
9.1.2308.200
2024-02-02
21h20 +00:00
2024-02-02
21h20 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:splunk:cloud:9.1.2308.200:*:*:*:*:*:*:*

Informations

Vendor

splunk

Product

cloud

Version

9.1.2308.200

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2024-36982 2024-07-01 16h31 +00:00 In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.109 and 9.1.2308.207, an attacker could trigger a null pointer reference on the cluster/config REST endpoint, which could result in a crash of the Splunk daemon.
7.5
High
CVE-2024-36986 2024-07-01 16h30 +00:00 In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.207, an authenticated user could run risky commands using the permissions of a higher-privileged user to bypass SPL safeguards for risky commands in the Analytics Workspace. The vulnerability requires the authenticated user to phish the victim by tricking them into initiating a request within their browser. The authenticated user should not be able to exploit the vulnerability at will.
6.3
Medium
CVE-2024-23675 2024-01-22 20h37 +00:00 In Splunk Enterprise versions below 9.0.8 and 9.1.3, Splunk app key value store (KV Store) improperly handles permissions for users that use the REST application programming interface (API). This can potentially result in the deletion of KV Store collections.
6.5
Medium