مستوى الخطورة: High
العنوان:
Security Updates – Splunk Products
الوقت:
Tuesday July 5, 2024
ملخص:
Splunk addressed 16 vulnerabilities in Splunk Enterprise and Cloud Platform including six high�severity bugs. Three of the high-severity issues are remote code execution flaws that require authentication for successful exploitation. Remote Code Execution (RCE):
• CVE-2024-36985 (Splunk Enterprise versions 9.2.x, 9.1.x, and 9.0.x) - Exploitable by low�privileged user, mitigated by disabling 'splunk_archiver' application. Patched in versions 9.2.2, 9.1.5, and 9.0.10.
• CVE-2024-36984 (Splunk Enterprise for Windows) - Requires use of 'collect' SPL command. • Dashboard PDF generation (Enterprise & Cloud Platform) - Due to vulnerable ReportLab Toolkit library (v3.6.1)
Fixed Versions: • Splunk Enterprise versions 9.2.2, 9.1.5, and 9.0.10, or higher.
التوصيات:
recommends to applying the security updates recently released by Splunk.
:المراجع
للاطلاع على المراجع:
أنقر هنا