all InfoSec News logo
all InfoSec News - Your InfoSec news aggregator
Log in Sign up
all InfoSec News

Remote Code Execution (RCE) through an external lookup due to “copybuckets.py...

Add to bookmarks
July 1, 2024, 4:57 p.m. |

CVE | THREATINT - NEW cve.threatint.com

In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10, a low-privileged user that does not hold the admin or power Splunk roles could cause a Remote Code Execution through an external lookup...

admin code code execution enterprise external low power privileged privileged user rce remote code remote code execution roles splunk splunk enterprise

Visit resource

More from cve.threatint.com / CVE | THREATINT - NEW

playSMS Template injectionA vulnerability was found in playSMS 1.4.3. It has ... 7 hours ago | cve.threatint.com
amp app file found +7
Red Lion Europe: mbNET.mini vulnerable to OS command injectionA high privileg... 7 hours ago | cve.threatint.com
attacker can command commands +8
Uncontrolled Resource Consumption vulnerability in MESbookUncontrolled Resour... 7 hours ago | cve.threatint.com
attacker can code inject +8
Information exposure vulnerability vulnerability in MESbookInformation exposu... 7 hours ago | cve.threatint.com
access api attacker changing +8
playSMS Template injectionA vulnerability was found in playSMS 1.4.3. It has ... 9 hours ago | cve.threatint.com
amp app file found +5
Limited DoS due to permitting creating users with user-defined IDsMattermost ... 11 hours ago | cve.threatint.com
attacker defined dos fail +2
RemoteClusterFrame payloads are audit logged in fullMattermost versions 9.5.x... 11 hours ago | cve.threatint.com
access attacker audit audit logs +7
Creating posts with user-defined IDs permitted in CreatePost APIMattermost ve... 11 hours ago | cve.threatint.com
attacker defined fail ids +3
Timing attack during remote cluster token comparison when shared channels are... 11 hours ago | cve.threatint.com
attack cluster fail mattermost +4

Jobs in InfoSec / Cybersecurity

Find Talent

DHS Architecture Engineering Support

@ General Dynamics Information Technology | USA VA Home Office (VAHOME)
View on infosec-jobs.com

AWS DevOps Engineer

@ Booz Allen Hamilton | USA, VA, Alexandria (6361 Walker Ln)
View on infosec-jobs.com

Senior Engineering Manager | SI&WS

@ Boeing | USA - Saint Charles, MO
View on infosec-jobs.com

SOFTWARE ENGINEER III - Java Full Stack

@ Walmart | IN TN CHENNAI Home Office RMZ Millenia Biz Park
View on infosec-jobs.com

Senior, Software Engineer - Java Lead

@ Walmart | IN TN CHENNAI Home Office RMZ Millenia Biz Park
View on infosec-jobs.com

Full Stack Software Engineer (Associate/Mid-Level))

@ Boeing | USA - Mountain View, CA
View on infosec-jobs.com