CVE-2024-45739

Summary

In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes plaintext passwords for local native authentication Splunk users. This exposure could happen when you configure the Splunk Enterprise AdminManager log channel at the DEBUG logging level.

Affected Software

VendorProductVersion RangeStatus
SplunkSplunk Enterprise9.3 < 9.3.1affected
SplunkSplunk Enterprise9.2 < 9.2.3affected
SplunkSplunk Enterprise9.1 < 9.1.6affected

Weaknesses

  • CWE-200: The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References