CVE-2024-45739
4.9
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Summary
In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes plaintext passwords for local native authentication Splunk users. This exposure could happen when you configure the Splunk Enterprise AdminManager log channel at the DEBUG logging level.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Splunk | Splunk Enterprise | 9.3 < 9.3.1 | affected |
| Splunk | Splunk Enterprise | 9.2 < 9.2.3 | affected |
| Splunk | Splunk Enterprise | 9.1 < 9.1.6 | affected |
Weaknesses
- CWE-200: The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://advisory.splunk.com/advisories/SVD-2024-1009
- https://research.splunk.com/application/93dc7182-c5da-4085-82ec-401abf33d623/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.