Happy #PatchTuesday from Splunk:
- SVD-2024-1201 Information Disclosure in Mobile Alert Responses in Splunk Secure Gateway (CVE-2024-53243, 4.3 medium)
- SVD-2024-1202 Risky command safeguards bypass in "/en-US/app/search/report" endpoint through "s" parameter (CVE-2024-53244, 5.7 medium)
- SVD-2024-1203 Information Disclosure due to Username Collision with a Role that has the same Name as the User (CVE-2024-53245, 3.1 low)
- SVD-2024-1204 Sensitive Information Disclosure through SPL commands (CVE-2024-53246, 5.3 medium)
- SVD-2024-1205 Remote Code Execution through Deserialization of Untrusted Data in Splunk Secure Gateway app (CVE-2024-53247, 8.8 high)
- SVD-2024-1206 Third-Party Package Updates in Splunk Enterprise - December 2024 (multiple CVEs)
- SVD-2024-1207 Third-Party Package Updates in Splunk Universal Forwarder - December 2024 (CVE-2024-5535, 9.1 critical)
No verbiage of exploitation.