March 28, 2024 at 12:18PM
Splunk announced security patches for its Enterprise product addressing high-severity vulnerabilities, including CVE-2024-29946 impacting the Dashboard Examples Hub and CVE-2024-29945 related to potential exposure of authentication tokens. Patches, mitigations, and workarounds are available. Additionally, vulnerabilities introduced via third-party packages in Splunk Enterprise and Universal Forwarder have been patched. Cisco recently acquired Splunk for $28 billion to enhance its AI, security, and observability capabilities.
Based on the meeting notes, here are the key takeaways:
– Splunk recently announced security patches for its Enterprise product, addressing several vulnerabilities, including those with a high severity rating.
– Two specific high-severity vulnerabilities have been patched in Splunk Enterprise, CVE-2024-29946 and CVE-2024-29945.
– CVE-2024-29946 impacts the Dashboard Examples Hub in the Splunk Dashboard Studio app, potentially allowing attackers to bypass protections for risky Search Processing Language (SPL) commands.
– CVE-2024-29945 is related to the potential exposure of authentication tokens during the token validation process.
– The company has provided patches, mitigations, and workarounds for these vulnerabilities.
– Additionally, Splunk has patched several vulnerabilities introduced in Splunk Enterprise and Splunk Universal Forwarder by the use of third-party packages.
– These issues affecting Universal Forwarder have a low or informational severity rating, while the Enterprise issues include high- and medium-severity flaws.
– It is noted that Cisco recently acquired Splunk for $28 billion and plans to leverage its AI, security, and observability technology.
Let me know if you need further clarification or additional information.