CVE-2022-37438
Vulnerability from cvelistv5
Published
2022-08-16 19:49
Modified
2024-09-17 01:46
Severity ?
EPSS score ?
Summary
Information disclosure via the dashboard drilldown in Splunk Enterprise
References
▼ | URL | Tags | |
---|---|---|---|
prodsec@splunk.com | https://research.splunk.com/application/f844c3f6-fd99-43a2-ba24-93e35fe84be6 | Vendor Advisory | |
prodsec@splunk.com | https://www.splunk.com/en_us/product-security/announcements/svd-2022-0802.html | Mitigation, Vendor Advisory |
Impacted products
▼ | Vendor | Product |
---|---|---|
Splunk | Splunk Enterprise | |
Splunk | Splunk Cloud Platform |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T10:29:21.035Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.splunk.com/en_us/product-security/announcements/svd-2022-0802.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://research.splunk.com/application/f844c3f6-fd99-43a2-ba24-93e35fe84be6" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Splunk Enterprise", "vendor": "Splunk", "versions": [ { "lessThan": "9.0.1", "status": "affected", "version": "9.0", "versionType": "custom" }, { "lessThan": "8.2.7.1", "status": "affected", "version": "8.2", "versionType": "custom" }, { "lessThan": "8.1.11", "status": "affected", "version": "8.1", "versionType": "custom" } ] }, { "product": "Splunk Cloud Platform", "vendor": "Splunk", "versions": [ { "lessThan": "9.0.2205", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "Eric LaMothe at Splunk" } ], "datePublic": "2022-08-16T00:00:00", "descriptions": [ { "lang": "en", "value": "In Splunk Enterprise versions in the following table, an authenticated user can craft a dashboard that could potentially leak information (for example, username, email, and real name) about Splunk users, when visited by another user through the drilldown component. The vulnerability requires user access to create and share dashboards using Splunk Web." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 2.6, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-200", "description": "CWE-200", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-17T20:02:14", "orgId": "42b59230-ec95-491e-8425-5a5befa1a469", "shortName": "Splunk" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.splunk.com/en_us/product-security/announcements/svd-2022-0802.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://research.splunk.com/application/f844c3f6-fd99-43a2-ba24-93e35fe84be6" } ], "source": { "advisory": "SVD-2022-0802", "defect": [ "SPL-221531" ], "discovery": "INTERNAL" }, "title": "Information disclosure via the dashboard drilldown in Splunk Enterprise", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "prodsec@splunk.com", "DATE_PUBLIC": "2022-08-16T16:00:00.000Z", "ID": "CVE-2022-37438", "STATE": "PUBLIC", "TITLE": "Information disclosure via the dashboard drilldown in Splunk Enterprise" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Splunk Enterprise", "version": { "version_data": [ { "version_affected": "\u003c", "version_name": "9.0", "version_value": "9.0.1" }, { "version_affected": "\u003c", "version_name": "8.2", "version_value": "8.2.7.1" }, { "version_affected": "\u003c", "version_name": "8.1", "version_value": "8.1.11" } ] } }, { "product_name": "Splunk Cloud Platform", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "9.0.2205" } ] } } ] }, "vendor_name": "Splunk" } ] } }, "credit": [ { "lang": "eng", "value": "Eric LaMothe at Splunk" } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In Splunk Enterprise versions in the following table, an authenticated user can craft a dashboard that could potentially leak information (for example, username, email, and real name) about Splunk users, when visited by another user through the drilldown component. The vulnerability requires user access to create and share dashboards using Splunk Web." } ] }, "impact": { "cvss": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 2.6, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-200" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.splunk.com/en_us/product-security/announcements/svd-2022-0802.html", "refsource": "CONFIRM", "url": "https://www.splunk.com/en_us/product-security/announcements/svd-2022-0802.html" }, { "name": "https://research.splunk.com/application/f844c3f6-fd99-43a2-ba24-93e35fe84be6", "refsource": "CONFIRM", "url": "https://research.splunk.com/application/f844c3f6-fd99-43a2-ba24-93e35fe84be6" } ] }, "source": { "advisory": "SVD-2022-0802", "defect": [ "SPL-221531" ], "discovery": "INTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "42b59230-ec95-491e-8425-5a5befa1a469", "assignerShortName": "Splunk", "cveId": "CVE-2022-37438", "datePublished": "2022-08-16T19:49:23.763068Z", "dateReserved": "2022-08-05T00:00:00", "dateUpdated": "2024-09-17T01:46:12.412Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2022-37438\",\"sourceIdentifier\":\"prodsec@splunk.com\",\"published\":\"2022-08-16T21:15:13.587\",\"lastModified\":\"2023-07-21T19:20:46.370\",\"vulnStatus\":\"Analyzed\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"In Splunk Enterprise versions in the following table, an authenticated user can craft a dashboard that could potentially leak information (for example, username, email, and real name) about Splunk users, when visited by another user through the drilldown component. The vulnerability requires user access to create and share dashboards using Splunk Web.\"},{\"lang\":\"es\",\"value\":\"En las versiones de Splunk Enterprise de la siguiente tabla, un usuario autenticado puede dise\u00f1ar un panel de control que podr\u00eda filtrar informaci\u00f3n (por ejemplo, nombre de usuario, correo electr\u00f3nico y nombre real) sobre los usuarios de Splunk, cuando es visitado por otro usuario por medio del componente drilldown. La vulnerabilidad requiere el acceso del usuario para crear y compartir cuadros de mando usando Splunk Web.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\",\"baseScore\":3.5,\"baseSeverity\":\"LOW\"},\"exploitabilityScore\":2.1,\"impactScore\":1.4},{\"source\":\"prodsec@splunk.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\",\"baseScore\":2.6,\"baseSeverity\":\"LOW\"},\"exploitabilityScore\":1.2,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]},{\"source\":\"prodsec@splunk.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*\",\"versionStartIncluding\":\"8.1.0\",\"versionEndExcluding\":\"8.1.11\",\"matchCriteriaId\":\"52EBCCF6-0276-4B2C-9068-53864A39265F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*\",\"versionStartIncluding\":\"8.2.0\",\"versionEndExcluding\":\"8.2.7.1\",\"matchCriteriaId\":\"07E949C3-48BB-4D7F-98A2-B078E7A75F1B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk:9.0.0:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"9A6A63F1-B7A3-4D3D-8366-29C38A5B48BD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:splunk_cloud_platform:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"8.2.2203.4\",\"matchCriteriaId\":\"DB89EDB8-DF51-4A3E-AD64-D688B367B32C\"}]}]}],\"references\":[{\"url\":\"https://research.splunk.com/application/f844c3f6-fd99-43a2-ba24-93e35fe84be6\",\"source\":\"prodsec@splunk.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.splunk.com/en_us/product-security/announcements/svd-2022-0802.html\",\"source\":\"prodsec@splunk.com\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]}]}}" } }
Loading...
Loading...
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.