Vulnerability CVE-2024-23676


Published: 2024-01-22

Description:
In Splunk versions below 9.0.8 and 9.1.3, the ??mrollup? SPL command lets a low-privileged user view metrics on an index that they do not have permission to view. This vulnerability requires user interaction from a high-privileged user to exploit.

 References:
https://advisory.splunk.com/advisories/SVD-2024-0106

Copyright 2026, cxsecurity.com

 

Back to Top