Unrated severityNVD Advisory· Published Jul 1, 2024· Updated Feb 28, 2025
Information Disclosure of user names
CVE-2024-36996
Description
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.109, an attacker could determine whether or not another user exists on the instance by deciphering the error response that they would likely receive from the instance when they attempt to log in. This disclosure could then lead to additional brute-force password-guessing attacks. This vulnerability would require that the Splunk platform instance uses the Security Assertion Markup Language (SAML) authentication scheme.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4< 9.1.2312.109+ 1 more
- (no CPE)range: < 9.1.2312.109
- (no CPE)range: 9.1.2312
< 9.2.2, < 9.1.5, < 9.0.10+ 1 more
- (no CPE)range: < 9.2.2, < 9.1.5, < 9.0.10
- (no CPE)range: 9.2
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.