vulnerability
Splunk: CVE-2024-29946: Risky command safeguards bypass in Dashboard Examples Hub
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 9 | (AV:N/AC:M/Au:N/C:C/I:C/A:N) | Mar 27, 2024 | Apr 7, 2025 | May 27, 2026 |
Severity
9
CVSS
(AV:N/AC:M/Au:N/C:C/I:C/A:N)
Published
Mar 27, 2024
Added
Apr 7, 2025
Modified
May 27, 2026
Description
In Splunk Enterprise versions below 9.2.1, 9.1.4 and 9.0.9, and Splunk Cloud Platform versions below 9.1.2312.104 and 9.1.2308.205, the Dashboard Examples Hub in the Splunk Dashboard Studio app lacks protections for risky SPL commands, which could allow an attacker to bypass SPL safeguards for risky commands.The vulnerability requires the attacker to phish the victim by tricking them into initiating a request within their browser (and in the case of Splunk Enterprise, also if Splunk Web is on).For more information on risky commands and potential impacts, seeSPL safeguards for risky commands.
Solution
splunk-upgrade-latest
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.