Information disclosure in Splunk Enterprise - CVE-2024-45739
Published: October 15, 2024
Vulnerability identifier: #VU98531
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2024-45739
CWE-ID: CWE-200
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Splunk Inc.
Affected software:
Splunk Enterprise
Splunk Enterprise
Detailed vulnerability description
The vulnerability allows a remote user to gain access to potentially sensitive information.
The vulnerability exists due to application exposes plaintext passwords for local native authentication Splunk users when the Splunk Enterprise AdminManager log channel is configured at the DEBUG logging level. A remote privileged user can gain access to sensitive information.
How to mitigate CVE-2024-45739
Install updates from vendor's website.