GHSA-xgm5-jh99-wc4vCriticalCVSS 9.8
In Splunk Enterprise versions below 10.2.4 and 10.0.7, and Splunk Cloud Platform versions below...
🔗 CVE IDs covered (1)
📋 Description
In Splunk Enterprise versions below 10.2.4 and 10.0.7, and Splunk Cloud Platform versions below 10.4.2604.3 and 10.2.2510.14, an unauthenticated user could create or truncate arbitrary files through a PostgreSQL sidecar service endpoint.The vulnerability exists because the PostgreSQL sidecar service endpoint lacks authentication controls, allowing any network-reachable user to invoke file operations without credentials.