Server Response Disclosure in RapidDiag Salesforce.com Log File
Advisory ID: SVD-2024-0107
CVE ID: CVE-2024-23677
Published: 2024-01-22
Last Update: 2024-01-22
CVSSv3.1 Score: 4.3, Medium
CVSSv3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CWE: CWE-532
Bug ID: SPL-225757
Description
In Splunk Enterprise versions below 9.0.8, the Splunk RapidDiag utility discloses server responses to an external application upload request in a log file. The log files might contain sensitive information.
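To illustrate the logging weakness CWE-532 describes, here is an added example (not RapidDiag's or Splunk's own code) contrasting a diagnostic logger that writes an external upload response verbatim with a hardened one that keeps only status, allow-listed headers and a redacted, length-capped excerpt. The UploadResponse type, the SAFE_HEADERS allow-list and the secret pattern are hypothetical stand-ins; the sample response is constructed.

```python
import logging
import re
from dataclasses import dataclass, field


# Constructed stand-in for the reply an external application upload
# endpoint sends back; not the real response format of any product.
@dataclass
class UploadResponse:
    status: int
    headers: dict = field(default_factory=dict)
    body: str = ""


# Hypothetical allow-list: headers that are safe to keep in a diagnostic log.
SAFE_HEADERS = {"content-type", "content-length", "x-request-id"}

# Hypothetical pattern for token-like "key": "value" or key=value pairs.
_SECRET_RE = re.compile(
    r'((?:access_token|refresh_token|session_id|api_key|authorization)'
    r'["\']?\s*[:=]\s*["\']?)([^"\'\s,}]+)',
    re.IGNORECASE,
)


def redact(text: str) -> str:
    """Replace the value part of any token-like pair with a fixed marker."""
    return _SECRET_RE.sub(r"\1[REDACTED]", text)


def log_line_unsafe(resp: UploadResponse) -> str:
    """Vulnerable pattern (CWE-532): the whole server response, headers and
    body included, is written to the diagnostic log verbatim."""
    return f"upload response: status={resp.status} headers={resp.headers} body={resp.body}"


def log_line_safe(resp: UploadResponse) -> str:
    """Hardened pattern: keep only what is needed to debug the upload (status,
    allow-listed headers, body size) and redact a length-capped body excerpt."""
    kept = {k: v for k, v in resp.headers.items() if k.lower() in SAFE_HEADERS}
    excerpt = redact(resp.body[:80])  # cap so a failing payload cannot flood the log
    return (f"upload response: status={resp.status} headers={kept} "
            f"body_len={len(resp.body)} body_excerpt={excerpt!r}")


if __name__ == "__main__":
    logging.basicConfig(level=logging.DEBUG)
    log = logging.getLogger("upload-log-demo")
    sample = UploadResponse(  # constructed sample response
        401,
        {"Content-Type": "application/json", "Set-Cookie": "sid=CONSTRUCTED_COOKIE"},
        '{"error":"expired","access_token":"CONSTRUCTED_TOKEN_VALUE"}',
    )
    log.debug(log_line_unsafe(sample))  # leaks the cookie and token into the log file
    log.debug(log_line_safe(sample))    # status, one allow-listed header, redacted excerpt
```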
Solution
Upgrade Splunk Enterprise to 9.0.8 or higher.
Splunk is actively monitoring and patching Splunk Cloud Platform instances.
Product Status
Product | Version | Component | Affected Version | Fix Version |
---|---|---|---|---|
Splunk Enterprise | 9.0 | Splunk Web | 9.0.0 to 9.0.7 | 9.0.8 |
Splunk Cloud | - | Splunk Web | Versions below 9.0.2208 | 9.0.2208 |
Mitigations and Workarounds
N/A
Detections
None
Severity
Splunk rates this vulnerability a 4.3, Medium, with a CVSSv3.1 vector of CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N.
Acknowledgments
Vikram Ashtaputre, Splunk