CVE-2024-23677 — Vulnetix

CVE-2024-23677 PUBLISHED

Es besteht eine Schwachstelle in Splunk Splunk Enterprise. Dieser Fehler besteht im Dienstprogramm RapidDiag, das Serverantworten auf eine Upload-Anforderung einer externen Anwendung in einer Protokolldatei offenlegt. Ein entfernter, authentifizierter Angreifer kann diese Schwachstelle ausnutzen, um vertrauliche Informationen offenzulegen.

EPSS 0.23% · 45.8th percentile

Risk Scores

EPSS Score

0.23%

45.8th percentile

Exploit Intelligence

https://advisory.splunk.com/advisories/SVD-2024-0107 (circl)

Timeline

Jan 22, 2024 CVE Published
Jan 24, 2024 EPSS Score
Feb 21, 2024 EPSS Score
Mar 20, 2024 EPSS Score
Apr 16, 2024 EPSS Score
May 14, 2024 EPSS Score
Jun 11, 2024 EPSS Score
Jul 9, 2024 EPSS Score
Aug 6, 2024 EPSS Score
Sep 2, 2024 EPSS Score
Sep 30, 2024 EPSS Score
Oct 4, 2024 Coalition ESS Score

References

https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0174.json advisory
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0174 advisory
https://advisory.splunk.com//advisories/SVD-2024-0105 advisory
https://advisory.splunk.com//advisories/SVD-2024-0106 advisory
https://advisory.splunk.com//advisories/SVD-2024-0107 advisory
https://advisory.splunk.com//advisories/SVD-2024-0108 advisory
https://advisory.splunk.com//advisories/SVD-2024-0109 advisory

Open in Interactive Console →