Vulnerability Description
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200, a low-privileged user that does not hold the admin or power Splunk roles could create notifications in Splunk Web Bulletin Messages that all users on the instance receive.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Splunk | Cloud | >= 9.1.2312, < 9.1.2312.200 |
| Splunk | Splunk | >= 9.0.0, < 9.0.10 |
Related Weaknesses (CWE)
References
- https://advisory.splunk.com/advisories/SVD-2024-0709Vendor Advisory
- https://research.splunk.com/application/4b7f368f-4322-47f8-8363-2c466f0b7030Vendor Advisory
- https://advisory.splunk.com/advisories/SVD-2024-0709Vendor Advisory
- https://research.splunk.com/application/4b7f368f-4322-47f8-8363-2c466f0b7030Vendor Advisory
FAQ
What is CVE-2024-36989?
CVE-2024-36989 is a vulnerability with a CVSS score of 7.1 (HIGH). In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200, a low-privileged user that does not hold the admin or power Splunk roles could creat...
How severe is CVE-2024-36989?
CVE-2024-36989 has been rated HIGH with a CVSS base score of 7.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-36989?
Check the references section above for vendor advisories and patch information. Affected products include: Splunk Cloud, Splunk Splunk.