Security Advisory

CVE-2024-53243

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-12-10 18:00:49

Last updated 2025-02-28 11:03:42

Assigner Splunk

State PUBLISHED

Description

In Splunk Enterprise versions below 9.3.2, 9.2.4, and 9.1.7 and versions below 3.2.462, 3.7.18, and 3.8.5 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user that does not hold the “admin“ or “power“ Splunk roles could see alert search query responses using Splunk Secure Gateway App Key Value Store (KVstore) collections endpoints due to improper access control.

← Browse all CVEs View on cve.org ↗