CVE-2024-53243
MEDIUM
Splunk Enterprise <9.3.2, 9.2.4, 9.1.7 - Info Disclosure
Title source: llm
Description
In Splunk Enterprise versions below 9.3.2, 9.2.4, and 9.1.7 and versions below 3.2.462, 3.7.18, and 3.8.5 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user that does not hold the “admin” or “power” Splunk roles could see alert search query responses using Splunk Secure Gateway App Key Value Store (KVstore) collections endpoints due to improper access control.
References (1)
Core References
Various Sources
https://advisory.splunk.com/advisories/SVD-2024-1201
Scores
CVSS v3
4.3
EPSS
0.0030
EPSS Percentile
53.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-200
Status
published
Products (6)
Splunk/Splunk Enterprise
9.1 - 9.1.7
Splunk/Splunk Enterprise
9.2 - 9.2.4
Splunk/Splunk Enterprise
9.3 - 9.3.2
Splunk/Splunk Secure Gateway
3.4 - 3.4.262
Splunk/Splunk Secure Gateway
3.7 - 3.7.18
Splunk/Splunk Secure Gateway
3.8 - 3.8.5
Published
Dec 10, 2024
Tracked Since
Feb 18, 2026