In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200, a low-privileged user that does not hold the admin or power Splunk roles could create notifications in Splunk Web Bulletin Messages that all users on the instance receive.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: Splunk

Published: 2024-07-01T16:30:38.545Z

Updated: 2024-12-10T18:01:35.529Z

Reserved: 2024-05-30T16:36:21.001Z

Link: CVE-2024-36989

cve-icon Vulnrichment

Updated: 2024-08-02T03:43:50.575Z

cve-icon NVD

Status : Modified

Published: 2024-07-01T17:15:07.380

Modified: 2024-11-21T09:22:59.027

Link: CVE-2024-36989

cve-icon Redhat

No data.