Improper Access Control in Splunk Monitoring Console App
In Splunk Enterprise versions below 10.0.2, 10.0.3, 9.4.8, and 9.3.9, a low-privileged user who does not hold the "admin" Splunk role could access the Splunk Monitoring Console App endpoints due to an improper access control. This could lead to a sensitive information disclosure.<br><br>The Monitoring Console app is a bundled app that comes with Splunk Enterprise. It is not available for download on SplunkBase, and is not installed on Splunk Cloud Platform instances. This vulnerability does not affect [Cloud Monitoring Console](https://help.splunk.com/en/splunk-cloud-platform/administer/admin-manual/10.2.2510/monitor-your-splunk-cloud-platform-deployment/introduction-to-the-cloud-monitoring-console).
Problem Types
| Type | CWE ID | Description |
|---|
| cwe | CWE-200 | The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. |
Type: cwe
Description: The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
Metrics
| Version | Base score | Base severity | Vector |
|---|
| 3.1 | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N |
Version: 3.1
Base score: 4.3
Base severity: MEDIUM
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N