cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-53243,https://securityvulnerability.io/vulnerability/CVE-2024-53243,Improper Access Control in Splunk Enterprise and Secure Gateway App,"In affected versions of Splunk Enterprise and the Splunk Secure Gateway app, a vulnerability exists that allows low-privileged users to access alert search query results through KVstore endpoints. This occurs due to insufficient access control mechanisms, posing a risk of unauthorized data exposure.",Splunk,"Splunk Enterprise,Splunk Secure Gateway",4.3,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-12-10T18:15:00.000Z,0
CVE-2024-53247,https://securityvulnerability.io/vulnerability/CVE-2024-53247,Low-Privileged User RCE Vulnerability in Splunk Enterprise and Secure Gateway,"A vulnerability has been identified in Splunk Enterprise and the Splunk Secure Gateway app, allowing low-privileged users without administrative privileges to execute arbitrary code remotely. This issue affects specific versions of both Splunk Enterprise and the Secure Gateway app, potentially leading to unauthorized access and manipulation of system resources. Security measures should be prioritized to mitigate the risks associated with this vulnerability, particularly in environments where user permissions are not effectively managed.",Splunk,"Splunk Enterprise,Splunk Secure Gateway",8.8,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-12-10T18:15:00.000Z,0
CVE-2024-45735,https://securityvulnerability.io/vulnerability/CVE-2024-45735,Improper Access Control for low-privileged user in Splunk Secure Gateway App,"In Splunk Enterprise versions below 9.2.3 and 9.1.6, and Splunk Secure Gateway versions on Splunk Cloud Platform versions below 3.4.259, 3.6.17, and 3.7.0, a low-privileged user that does not hold the ""admin"" or ""power"" Splunk roles can see App Key Value Store (KV Store) deployment configuration and public/private keys in the Splunk Secure Gateway App.",Splunk,"Splunk Enterprise,Splunk Secure Gateway",4.3,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-10-14T17:15:00.000Z,0