#VU98531 Information disclosure in Splunk Enterprise - CVE-2024-45739
Published: October 15, 2024
Vulnerability identifier: #VU98531
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2024-45739
CWE-ID: CWE-200
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
Splunk Enterprise
Splunk Enterprise
Software vendor:
Splunk Inc.
Splunk Inc.
Description
The vulnerability allows a remote user to gain access to potentially sensitive information.
The vulnerability exists due to application exposes plaintext passwords for local native authentication Splunk users when the Splunk Enterprise AdminManager log channel is configured at the DEBUG logging level. A remote privileged user can gain access to sensitive information.
Remediation
Install updates from vendor's website.