CVE-2024-53244

{"id": "CVE-2024-53244", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "prodsec@splunk.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.7, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.1}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.7, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.1}]}, "published": "2024-12-10T18:15:41.243", "references": [{"url": "https://advisory.splunk.com/advisories/SVD-2024-1202", "tags": ["Vendor Advisory"], "source": "prodsec@splunk.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "prodsec@splunk.com", "description": [{"lang": "en", "value": "CWE-200"}]}, {"type": "Secondary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "In Splunk Enterprise versions below 9.3.2, 9.2.4, and 9.1.7 and Splunk Cloud Platform versions below 9.2.2406.107, 9.2.2403.109, and 9.1.2312.206, a low-privileged user that does not hold the \u201cadmin\u201c or \u201cpower\u201c Splunk roles could run a saved search with a risky command using the permissions of a higher-privileged user to bypass the SPL safeguards for risky commands on \u201c/en-US/app/search/report\u201c endpoint through \u201cs\u201c parameter.<br>The vulnerability requires the attacker to phish the victim by tricking them into initiating a request within their browser. The authenticated user should not be able to exploit the vulnerability at will."}, {"lang": "es", "value": "En las versiones de Splunk Enterprise anteriores a 9.3.2, 9.2.4 y 9.1.7 y en las versiones de Splunk Cloud Platform anteriores a 9.2.2406.107, 9.2.2403.109 y 9.1.2312.206, un usuario con pocos privilegios que no tenga los roles de Splunk \u201cadmin\u201d o \u201cpower\u201d podr\u00eda ejecutar una b\u00fasqueda guardada con un comando riesgoso utilizando los permisos de un usuario con mayores privilegios para eludir las medidas de seguridad de SPL para comandos riesgosos en el punto de conexi\u00f3n \u201c/en-US/app/search/report\u201d a trav\u00e9s del par\u00e1metro \u201cs\u201d.<br>La vulnerabilidad requiere que el atacante enga\u00f1e a la v\u00edctima para que inicie una solicitud dentro de su navegador. El usuario autenticado no deber\u00eda poder explotar la vulnerabilidad a voluntad."}], "lastModified": "2025-03-06T19:54:57.093", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "6653C37D-03C0-47C1-BC9C-510EBB0CB4BE", "versionEndExcluding": "9.1.7", "versionStartIncluding": "9.1.0"}, {"criteria": "cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "E31DE8DF-1AAD-4570-93E3-711C07FE1227", "versionEndExcluding": "9.2.4", "versionStartIncluding": "9.2.0"}, {"criteria": "cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "A709D871-A35B-4CF2-A9D7-23CE29D0A8C6", "versionEndExcluding": "9.3.2", "versionStartIncluding": "9.3.0"}, {"criteria": "cpe:2.3:a:splunk:splunk_cloud_platform:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C0338CF9-1AC9-4F45-9A68-06172C6B36A1", "versionEndExcluding": "9.1.2312.206", "versionStartIncluding": "9.1.2312"}, {"criteria": "cpe:2.3:a:splunk:splunk_cloud_platform:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1D640552-2CAE-4747-9683-C7DC45D556EF", "versionEndExcluding": "9.2.2403.109", "versionStartIncluding": "9.2.2403"}, {"criteria": "cpe:2.3:a:splunk:splunk_cloud_platform:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5C9D4F64-DAA8-4692-AE4F-171777E8D7C3", "versionEndExcluding": "9.2.2406.107", "versionStartIncluding": "9.2.2406"}], "operator": "OR"}]}], "sourceIdentifier": "prodsec@splunk.com"}