CVE-2024-23676

CVSS V2 None CVSS V3 None
Description
In Splunk versions below 9.0.8 and 9.1.3, the “mrollup” SPL command lets a low-privileged user view metrics on an index that they do not have permission to view. This vulnerability requires user interaction from a high-privileged user to exploit.
Overview
  • CVE ID
  • CVE-2024-23676
  • Assigner
  • Splunk
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2024-01-22T20:37:42.546Z
  • Last Modified Date
  • 2024-04-10T00:52:46.949Z
History
Created Old Value New Value Data Type Notes
2024-06-26 06:54:10 Added to TrackCVE