Description
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.109 and 9.1.2308.207, an attacker could trigger a null pointer reference on the cluster/config REST endpoint, which could result in a crash of the Splunk daemon.
CVSS breakdown
CVSS 3.1
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Affected products
- Splunk / Splunk Cloud Platform9.1.2312 – 9.1.2312.109
- Splunk / Splunk Cloud Platform9.1.2308 – 9.1.2308.207
- Splunk / Splunk Enterprise9.2 – 9.2.2
- Splunk / Splunk Enterprise9.1 – 9.1.5
- Splunk / Splunk Enterprise9.0 – 9.0.10
References
- VENDOR_ADVISORYhttps://advisory.splunk.com/advisories/SVD-2024-0702