Vulnerability Description
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.109 and 9.1.2308.207, an authenticated user could create an external lookup that calls a legacy internal function. The authenticated user could use this internal function to insert code into the Splunk platform installation directory. From there, the user could execute arbitrary code on the Splunk platform Instance.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Splunk | Splunk | >= 9.0.0, < 9.0.10 |
| Splunk | Splunk Cloud Platform | >= 9.1.2308, < 9.1.2308.207 |
Related Weaknesses (CWE)
References
- https://advisory.splunk.com/advisories/SVD-2024-0703Vendor Advisory
- https://research.splunk.com/application/1cf58ae1-9177-40b8-a26c-8966040f11ae/Tool Signature
- https://advisory.splunk.com/advisories/SVD-2024-0703Vendor Advisory
- https://research.splunk.com/application/1cf58ae1-9177-40b8-a26c-8966040f11ae/Tool Signature
FAQ
What is CVE-2024-36983?
CVE-2024-36983 is a vulnerability with a CVSS score of 8.0 (HIGH). In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.109 and 9.1.2308.207, an authenticated user could create an external lookup that calls a ...
How severe is CVE-2024-36983?
CVE-2024-36983 has been rated HIGH with a CVSS base score of 8.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-36983?
Check the references section above for vendor advisories and patch information. Affected products include: Splunk Splunk, Splunk Splunk Cloud Platform.