In Splunk Enterprise versions below 9.0.8 and 9.1.3, Splunk app key value store (KV Store) improperly handles permissions for users that use the REST application programming interface (API). This can potentially result in the deletion of KV Store collections.
History

Mon, 21 Oct 2024 11:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: Splunk

Published: 2024-01-22T20:37:23.117Z

Updated: 2024-12-10T18:00:55.382Z

Reserved: 2024-01-19T16:28:17.340Z

Link: CVE-2024-23675

cve-icon Vulnrichment

Updated: 2024-08-01T23:06:25.378Z

cve-icon NVD

Status : Modified

Published: 2024-01-22T21:15:10.263

Modified: 2024-11-21T08:58:08.930

Link: CVE-2024-23675

cve-icon Redhat

No data.