{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-10T05:00:30.898","vulnerabilities":[{"cve":{"id":"CVE-2024-23675","sourceIdentifier":"prodsec@splunk.com","published":"2024-01-22T21:15:10.263","lastModified":"2024-11-21T08:58:08.930","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In Splunk Enterprise versions below 9.0.8 and 9.1.3, Splunk app key value store (KV Store) improperly handles permissions for users that use the REST application programming interface (API). This can potentially result in the deletion of KV Store collections."},{"lang":"es","value":"En las versiones de Splunk Enterprise inferiores a 9.0.8 y 9.1.3, el almacén de valores clave de la aplicación Splunk (KV Store) maneja incorrectamente los permisos para los usuarios que usan la interfaz de programación de aplicaciones (API) REST. Potencialmente, esto puede resultar en la eliminación de las colecciones de KV Store."}],"metrics":{"cvssMetricV31":[{"source":"prodsec@splunk.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}]},"weaknesses":[{"source":"prodsec@splunk.com","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-863"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:splunk:cloud:*:*:*:*:*:*:*:*","versionEndExcluding":"9.1.2312.100","matchCriteriaId":"AD58A503-42FB-4CCA-9ABE-2DBC42440867"},{"vulnerable":true,"criteria":"cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"9.0.0","versionEndExcluding":"9.0.8","matchCriteriaId":"51D25D9F-2F3B-4A9A-B468-1DF8EB682692"},{"vulnerable":true,"criteria":"cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"9.1.0","versionEndExcluding":"9.1.3","matchCriteriaId":"125F126C-4B0F-4B3D-891F-498E6DE761D7"}]}]}],"references":[{"url":"https://advisory.splunk.com/advisories/SVD-2024-0105","source":"prodsec@splunk.com","tags":["Vendor Advisory"]},{"url":"https://research.splunk.com/application/8f0e8380-a835-4f2b-b749-9ce119364df0/","source":"prodsec@splunk.com","tags":["Vendor Advisory"]},{"url":"https://advisory.splunk.com/advisories/SVD-2024-0105","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://research.splunk.com/application/8f0e8380-a835-4f2b-b749-9ce119364df0/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}