Improper Permissions Handling in Splunk KV Store API Can Lead to Deletion of Collections

Improper Permissions Handling in Splunk KV Store API Can Lead to Deletion of Collections

CVE-2024-23675 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

In Splunk Enterprise versions below 9.0.8 and 9.1.3, Splunk app key value store (KV Store) improperly handles permissions for users that use the REST application programming interface (API). This can potentially result in the deletion of KV Store collections.

Learn more about our Api Penetration Testing.