CVE-2024-53247

Remote Code Execution through Deserialization of Untrusted Data in Splunk Secure Gateway app

Description

In Splunk Enterprise versions below 9.3.2, 9.2.4, and 9.1.7, and versions below 3.4.261 and 3.7.13 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user that does not hold the “admin“ or “power“ Splunk roles could perform a Remote Code Execution (RCE).

INFO

Published Date :

2024-12-10T18:00:24.359Z

Last Modified :

2025-02-28T11:03:41.947Z

Source :

Splunk

AFFECTED PRODUCTS

The following products are affected by CVE-2024-53247 vulnerability.

Vendors	Products
Splunk	Splunk Enterprise Splunk Secure Gateway

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-53247.

URL	Resource
https://advisory.splunk.com/advisories/SVD-2024-1205

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact