In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.2.2403.100, an authenticated, low-privileged user that does not hold the admin or power Splunk roles could send a specially crafted HTTP POST request to the datamodel/web REST endpoint in Splunk Enterprise, potentially causing a denial of service.
Weakness
The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Splunk | Splunk | 9.0.0 (including) | 9.0.10 (excluding) |
| Splunk | Splunk | 9.1.0 (including) | 9.1.5 (excluding) |
| Splunk | Splunk | 9.2.0 (including) | 9.2.2 (excluding) |
| Splunk_cloud_platform | Splunk | 9.1.2308 (including) | 9.1.2308.209 (excluding) |
| Splunk_cloud_platform | Splunk | 9.1.2312.100 (including) | 9.1.2312.109 (excluding) |
| Splunk_cloud_platform | Splunk | 9.1.2312.200 (including) | 9.1.2312.202 (excluding) |