CVE-2024-53245 - Splunk Enterprise Dashboard Cloning Privilege Escalation
CVE ID : CVE-2024-53245 Published : Dec. 10, 2024, 6:15 p.m. | 1 hour, 44 minutes ago Description : In Splunk Enterprise versions below 9.3.0, 9.2.4, and 9.1.7 and Splunk Cloud Platform versions below 9.1.2312.206, a low-privileged user that does not hold the “admin“ or “power“ Splunk roles, that has a username with the same name as a role with read access to dashboards, could see the dashboard name and the dashboard XML by cloning the dashboard. Severity: 3.1 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-53245
Published : Dec. 10, 2024, 6:15 p.m. | 1 hour, 44 minutes ago
Description : In Splunk Enterprise versions below 9.3.0, 9.2.4, and 9.1.7 and Splunk Cloud Platform versions below 9.1.2312.206, a low-privileged user that does not hold the “admin“ or “power“ Splunk roles, that has a username with the same name as a role with read access to dashboards, could see the dashboard name and the dashboard XML by cloning the dashboard.
Severity: 3.1 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Published : Dec. 10, 2024, 6:15 p.m. | 1 hour, 44 minutes ago
Description : In Splunk Enterprise versions below 9.3.0, 9.2.4, and 9.1.7 and Splunk Cloud Platform versions below 9.1.2312.206, a low-privileged user that does not hold the “admin“ or “power“ Splunk roles, that has a username with the same name as a role with read access to dashboards, could see the dashboard name and the dashboard XML by cloning the dashboard.
Severity: 3.1 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
