CVE-2024-53247

Published Dec 10, 2024

Last updated 2 days ago

CVSS high 8.8

Overview

Description
In Splunk Enterprise versions below 9.3.2, 9.2.4, and 9.1.7, and versions below 3.2.461 and 3.7.13 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user that does not hold the “admin“ or “power“ Splunk roles could perform a Remote Code Execution (RCE).
Source
prodsec@splunk.com
NVD status
Received

Risk scores

CVSS 3.1

Type
Secondary
Base score
8.8
Impact score
5.9
Exploitability score
2.8
Vector string
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity
HIGH

Weaknesses

prodsec@splunk.com
CWE-502

Social media

Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.

Hype score

3

  1. A critical vulnerability (CVE-2024-53247) in the Splunk Secure Gateway app allows low-privileged users to execute arbitrary code, risking security. Immediate action required. ⚠️ #SplunkUsers #CodeExecution #SecurityRisk #CybersecurityNews link: https://t.co/l4zUaJnyQ0 https://t.

    @TweetThreatNews

    12 Dec 2024

    1 Impression

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. CVE-2024-53247: Splunk Secure Gateway App Vulnerability Allows Remote Code Execution https://t.co/myDzK8OIfQ

    @Dinosn

    12 Dec 2024

    6181 Impressions

    59 Retweets

    130 Likes

    28 Bookmarks

    0 Replies

    1 Quote

  3. 🚨 Critical Splunk & Atlassian Vulnerabilities Alert 🚨 High-severity flaws in Splunk (RCE via CVE-2024-53247) and Atlassian products could allow remote code execution & privilege escalation. Patch now!

    @NetSec_Ian

    11 Dec 2024

    38 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  4. CVE-2024-53247 Remote Code Execution in Splunk Enterprise and Secure Gateway App... https://t.co/UyVukHMvBq Vulnerability Alert Subscriptions: https://t.co/hrQhy5uz4x

    @VulmonFeeds

    10 Dec 2024

    17 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References