In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.109, an attacker could determine whether or not another user exists on the instance by deciphering the error response that they would likely receive from the instance when they attempt to log in. This disclosure could then lead to additional brute-force password-guessing attacks. This vulnerability would require that the Splunk platform instance uses the Security Assertion Markup Language (SAML) authentication scheme.
History

Tue, 10 Dec 2024 18:15:00 +0000

Type Values Removed Values Added
First Time appeared Splunk splunk Enterprise
CPEs cpe:2.3:a:splunk:splunk_enterprise:*:*:*:*:*:*:*:*
Vendors & Products Splunk splunk Enterprise
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: Splunk

Published: 2024-07-01T16:30:41.186Z

Updated: 2024-12-10T18:01:33.522Z

Reserved: 2024-05-30T16:36:21.002Z

Link: CVE-2024-36996

cve-icon Vulnrichment

Updated: 2024-08-02T03:43:50.582Z

cve-icon NVD

Status : Modified

Published: 2024-07-01T17:15:08.917

Modified: 2024-11-21T09:23:00.057

Link: CVE-2024-36996

cve-icon Redhat

No data.