CVE-2024-45738
14.10.2024, 17:15
In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes sensitive HTTP parameters to the `_internal` index. This exposure could happen if you configure the Splunk Enterprise `REST_Calls` log channel at the DEBUG logging level.Enginsight
| Vendor | Product | Version |
|---|---|---|
| splunk | splunk | 9.1.0 ≤ 𝑥 < 9.1.6 |
| splunk | splunk | 9.2.0 ≤ 𝑥 < 9.2.3 |
| splunk | splunk | 9.3.0 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-200 - Exposure of Sensitive Information to an Unauthorized ActorThe product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
- CWE-532 - Insertion of Sensitive Information into Log FileInformation written to log files can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information.