SVD-2024-0701 – Ejecuci\u00f3n remota de c\u00f3digo a trav\u00e9s del componente de generaci\u00f3n de PDF del panel de control – Severidad Alta<\/strong><\/p>\n\n\n\nEn las versiones de Splunk Enterprise anteriores a 9.2.2, 9.1.5 y 9.0.10 y en las versiones de Splunk Cloud Platform anteriores a 9.1.2312.109 y 9.1.2308.203, un usuario autenticado podr\u00eda ejecutar c\u00f3digo arbitrario a trav\u00e9s del componente de generaci\u00f3n de PDF del panel de control.<\/p>\n\n\n\n
El punto de conexi\u00f3n REST pdfgen\/render utiliza una versi\u00f3n vulnerable de la biblioteca Python ReportLab Toolkit (v3.6.1) con una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remoto.<\/p>\n\n\n\n
SVD-2024-0718 –<\/strong> Actualizaciones de paquetes de terceros en Splunk Enterprise: julio de 2024 – Severidad Alta<\/strong><\/p>\n\n\n\nSplunk solucion\u00f3 vulnerabilidades y exposiciones comunes (CVE) en paquetes de terceros en las versiones 9.2.1, 9.1.4, 9.0.9 y superiores de Splunk Enterprise.<\/p>\n\n\n\n
SVD-2024-0708 – La biblioteca criptogr\u00e1fica OpenSSL (libcrypto.so) se compil\u00f3 incorrectamente con el bit de ejecuci\u00f3n de pila configurado en Splunk Enterprise y Universal Forwarder en ciertos sistemas operativos – Severidad Baja <\/strong><\/p>\n\n\n\nEn ciertas versiones espec\u00edficas y arquitecturas de plataforma de Splunk Enterprise y Universal Forwarder, la biblioteca criptogr\u00e1fica para OpenSSL (libcrypto.so) se compil\u00f3 incorrectamente con su bit de ejecuci\u00f3n de pila establecido. Establecer el bit ejecutable en archivos de biblioteca .so no es una vulnerabilidad directa.<\/p>\n\n\n\n
III. Referencia a soluciones, herramientas e informaci\u00f3n<\/strong><\/strong><\/p>\n\n\n\nInstalar las actualizaciones correspondientes, seg\u00fan indique el fabricante.<\/p>\n\n\n\n
Versiones parchadas:<\/p>\n\n\n\n
Splunk Enterprise: 9.2.2, 9.1.5 y 9.0.10;<\/p>\n\n\n\n
Splunk Cloud Plataforma: 9.1.2312.109 y 9.1.2308.207.<\/p>\n\n\n\n
Soporte: https:\/\/advisory.splunk.com\/advisories<\/p>\n\n\n\n
Fuentes:<\/strong><\/p>\n\n\n\n\n- CSIRT Chile. Avisos Seguridad, Splunk Enterprise y otros – Vulnerabilidades. 2 de julio del 2024. Recopilado en: https:\/\/csirt.gob.cl\/alertas\/vsa24-01038\/<\/li>\n\n\n\n
- Splunk Oficial. \u00a01 de julio del 2024. Security Advisories. Recopilado en: https:\/\/advisory.splunk.com\/advisories<\/li>\n<\/ol>\n\n\n\n
Informaci\u00f3n de contacto<\/strong>
CSIRT PANAMA
Computer Security Incident Response Team Autoridad Nacional para la Innovacion Gubernamental
E-Mail: info@cert.pa
Phone: +507 520-CERT (2378)
Web: https:\/\/cert.pa
Twitter: @CSIRTPanama
Key ID: 16F2B124<\/p>\n","protected":false},"excerpt":{"rendered":"Gravedad: Alta\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 Fecha de publicaci\u00f3n: julio 3, 2024\u00daltima revisi\u00f3n: julio 3, 2024 Sitio web: splunk.com Sistemas Afectados: Splunk Enterprise (9.0.x. \/ 9.1.x \/ 9.2.x) Splunk Cloud Platform (9.1.2312\u00a0\u00a0 \/ 9.1.2308) I. Descripci\u00f3n Se han publicado…<\/p>\n","protected":false},"author":4,"featured_media":3848,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_uf_show_specific_survey":0,"_uf_disable_surveys":false,"footnotes":""},"categories":[4],"tags":[43,8,72,73,80,68],"class_list":["post-3845","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-avisos-de-seguridad","tag-alertas","tag-avisos","tag-avisos-de-seguridad","tag-parches","tag-vulnerabilidad","tag-vulnerabilidades"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/3845","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3845"}],"version-history":[{"count":2,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/3845\/revisions"}],"predecessor-version":[{"id":3847,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/3845\/revisions\/3847"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/media\/3848"}],"wp:attachment":[{"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3845"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3845"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3845"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}