CVE-2024-36984— Splunk 安全漏洞
新しい脆弱性情報の通知を購読するログインして購読
I. CVE-2024-36984の基本情報
脆弱性情報
脆弱性についてご質問がありますか?Shenlongの分析が参考になるかご確認ください!
Shenlongの10の質問を表示 ↗ 高度な大規模言語モデル技術を使用していますが、出力には不正確または古い情報が含まれる可能性があります。Shenlongはデータの正確性を確保するよう努めていますが、実際の状況に基づいて検証・判断してください。
脆弱性タイトル
Remote Code Execution through Serialized Session Payload in Splunk Enterprise on Windows
ソース: NVD (National Vulnerability Database)
脆弱性説明
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 on Windows, an authenticated user could execute a specially crafted query that they could then use to serialize untrusted data. The attacker could use the query to execute arbitrary code.
ソース: NVD (National Vulnerability Database)
CVSS情報
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
ソース: NVD (National Vulnerability Database)
脆弱性タイプ
可信数据的反序列化
ソース: NVD (National Vulnerability Database)
脆弱性タイトル
Splunk 安全漏洞
ソース: CNNVD (China National Vulnerability Database)
脆弱性説明
Splunk是美国Splunk公司的一套数据收集分析软件。该软件主要用于收集、索引和分析及其所产生的数据,包括所有IT系统和基础结构(物理、虚拟机和云)生成的数据。 Splunk 存在安全漏洞。攻击者利用该漏洞可以执行任意代码。
ソース: CNNVD (China National Vulnerability Database)
CVSS情報
N/A
ソース: CNNVD (China National Vulnerability Database)
脆弱性タイプ
N/A
ソース: CNNVD (China National Vulnerability Database)
影響を受ける製品
| ベンダー | プロダクト | 影響を受けるバージョン | CPE | 購読 |
|---|---|---|---|---|
| Splunk | Splunk Enterprise | 9.2 ~ 9.2.2 | - |
II. CVE-2024-36984の公開POC
| # | POC説明 | ソースリンク | Shenlongリンク |
|---|
AI生成POCプレミアム
公開POCは見つかりませんでした。
ログインしてAI POCを生成III. CVE-2024-36984のインテリジェンス情報
请登录查看更多情报信息。
Same Patch Batch · Splunk · 2024-07-01 · 15 CVEs total
| CVE-2024-36985 | 8.8 HIGH | Remote Code Execution (RCE) through an external lookup due to “copybuckets.py“ script in t |
| CVE-2024-36983 | 8.0 HIGH | Command Injection using External Lookups |
| CVE-2024-36991 | 7.5 HIGH | Path Traversal on the “/modules/messaging/“ endpoint in Splunk Enterprise on Windows |
| CVE-2024-36982 | 7.5 HIGH | Denial of Service through null pointer reference in “cluster/config” REST endpoint |
| CVE-2024-36989 | 6.5 MEDIUM | Low-privileged user could create notifications in Splunk Web Bulletin Messages |
| CVE-2024-36990 | 6.5 MEDIUM | Denial of Service (DoS) on the datamodel/web REST endpoint |
| CVE-2024-36986 | 6.3 MEDIUM | Risky command safeguards bypass through Search ID query in Analytics Workspace |
| CVE-2024-36994 | 5.4 MEDIUM | Persistent Cross-site Scripting (XSS) in Dashboard Elements |
| CVE-2024-36992 | 5.4 MEDIUM | Persistent Cross-site Scripting (XSS) in Dashboard Elements |
| CVE-2024-36993 | 5.4 MEDIUM | Persistent Cross-site Scripting (XSS) in Web Bulletin |
| CVE-2024-36996 | 5.3 MEDIUM | Information Disclosure of user names |
| CVE-2024-36997 | 4.6 MEDIUM | Persistent Cross-site Scripting (XSS) in conf-web/settings REST endpoint |
| CVE-2024-36987 | 4.3 MEDIUM | Insecure File Upload in the indexing/preview REST endpoint |
| CVE-2024-36995 | 4.3 MEDIUM | Low-privileged user could create experimental items |
IV. 関連脆弱性
同じ製品: Splunk Enterprise
- CVE-2026-20203
Improper Access Control in Data Model Acceleration in Splunk - CVE-2026-20204
Improper Handling and Insufficient Isolation of Specific Tem - CVE-2026-20202
Improper Input Validation during User Account Creation in Sp - CVE-2026-20163
Remote Command Execution (RCE) through the '/splunkd/__uploa - CVE-2026-20162
Stored Cross-Site Scripting (XSS) through Path Traversal in
同じベンダー: Splunk
- CVE-2026-20205
Sensitive Information Disclosure in ''_internal'' index in S - CVE-2026-20203
Improper Access Control in Data Model Acceleration in Splunk - CVE-2026-20204
Improper Handling and Insufficient Isolation of Specific Tem - CVE-2026-20202
Improper Input Validation during User Account Creation in Sp - CVE-2026-20163
Remote Command Execution (RCE) through the '/splunkd/__uploa
同じ弱点: CWE-502
- CVE-2026-44126
Insecure deserialization - CVE-2026-5127
User Frontend: AI Powered Frontend Posting, User Directory, - CVE-2026-41586
ObjectInputStream.readObject() without ObjectInputFilter in - CVE-2026-34084
PhpSpreadsheet SSRF and RCE via PHP stream wrappers in IOFac - CVE-2026-7712
MindsDB Pickle pickle.loads deserialization
V. CVE-2024-36984へのコメント
まだコメントはありません