Main Vulnerability Database Vulnerabilities #VU98538

#VU98538 Deserialization of Untrusted Data in Splunk Enterprise - CVE-2024-45733

Published: October 15, 2024

Vulnerability identifier: #VU98538

Vulnerability risk: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2024-45733

CWE-ID: CWE-502

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Splunk Enterprise

Software vendor:
Splunk Inc.

Description

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to insecure session storage configuration. A remote user can pass specially crafted data to the application and execute arbitrary code on the target system.

Note, the vulnerability affects Splunk Enterprise for Windows.

Remediation

Install updates from vendor's website.

External links

https://advisory.splunk.com/advisories/SVD-2024-1003
https://research.splunk.com/application/c97e0704-d9c6-454d-89ba-1510a987bf72/

#VU98538 Deserialization of Untrusted Data in Splunk Enterprise - CVE-2024-45733

Description

Remediation

External links

Please verify you're human