← voltar
CVE-2024-36991

Path Traversal on the “/modules/messaging/“ endpoint in Splunk Enterprise on Windows

CVSS 7.5 HIGHEPSS 13.1%CWE-35
In Splunk Enterprise on Windows versions below 9.2.2, 9.1.5, and 9.0.10, an attacker could perform a path traversal on the /modules/messaging/ endpoint in Splunk Enterprise on Windows. This vulnerability should only affect Splunk Enterprise on Windows.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Produtos afetados
Splunk · Splunk Enterprise

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://advisory.splunk.com/advisories/SVD-2024-0711https://research.splunk.com/application/e7c2b064-524e-4d65-8002-efce808567aa