"Splunk Patches Vulnerabilities in Enterprise Product"
"Splunk Patches Vulnerabilities in Enterprise Product"
Splunk recently announced security patches for its Enterprise product, including vulnerabilities that have been assigned a high severity rating. One of the flaws, CVE-2024-29946, impacts the Dashboard Examples Hub in the Splunk Dashboard Studio app and can be exploited to bypass protections for risky Search Processing Language (SPL) commands. Splunk noted that this could let attackers bypass SPL safeguards for risky commands with the permissions of a highly privileged user in the Hub.