ГлавнаяУязвимости → CVE-2024-36991
7.5высокая

CVE-2024-36991

→ есть в БДУ: BDU:2024-05109 (на русском)
Описание (на английском; русское — в БДУ выше)

In Splunk Enterprise on Windows versions below 9.2.2, 9.1.5, and 9.0.10, an attacker could perform a path traversal on the /modules/messaging/ endpoint in Splunk Enterprise on Windows. This vulnerability should only affect Splunk Enterprise on Windows.

Затрагиваемое ПО
Splunk SplunkMicrosoft Windows
CVSS
Балл7.5 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Источники
https://advisory.splunk.com/advisories/SVD-2024-0711https://research.splunk.com/application/e7c2b064-524e-4d65-8002-efce808567aahttps://advisory.splunk.com/advisories/SVD-2024-0711https://research.splunk.com/application/e7c2b064-524e-4d65-8002-efce808567aa