Vulnerabilities > Splunk
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-14 | CVE-2024-45731 | Path Traversal vulnerability in Splunk In Splunk Enterprise for Windows versions below 9.3.1, 9.2.3, and 9.1.6, a low-privileged user that does not hold the "admin" or "power" Splunk roles could write a file to the Windows system root directory, which has a default location in the Windows System32 folder, when Splunk Enterprise for Windows is installed on a separate drive. | 8.0 |
| 2024-10-14 | CVE-2024-45732 | Missing Authorization vulnerability in Splunk and Splunk Cloud Platform In Splunk Enterprise versions below 9.3.1, and 9.2.0 versions below 9.2.3, and Splunk Cloud Platform versions below 9.2.2403.103, 9.1.2312.200, 9.1.2312.110 and 9.1.2308.208, a low-privileged user that does not hold the "admin" or "power" Splunk roles could run a search as the "nobody" Splunk user in the SplunkDeploymentServerConfig app. | 6.5 |
| 2024-10-14 | CVE-2024-45733 | Deserialization of Untrusted Data vulnerability in Splunk In Splunk Enterprise for Windows versions below 9.2.3 and 9.1.6, a low-privileged user that does not hold the "admin" or "power" Splunk roles could perform a Remote Code Execution (RCE) due to an insecure session storage configuration. | 8.8 |
| 2024-10-14 | CVE-2024-45734 | Unspecified vulnerability in Splunk In Splunk Enterprise versions 9.3.0, 9.2.3, and 9.1.6, a low-privileged user that does not hold the "admin" or "power" Splunk roles could view images on the machine that runs Splunk Enterprise by using the PDF export feature in Splunk classic dashboards. | 4.3 |
| 2024-10-14 | CVE-2024-45735 | Unspecified vulnerability in Splunk and Splunk Cloud Platform In Splunk Enterprise versions below 9.2.3 and 9.1.6, and Splunk Secure Gateway versions on Splunk Cloud Platform versions below 3.4.259, 3.6.17, and 3.7.0, a low-privileged user that does not hold the "admin" or "power" Splunk roles can see App Key Value Store (KV Store) deployment configuration and public/private keys in the Splunk Secure Gateway App. | 4.3 |
| 2024-10-14 | CVE-2024-45736 | Unspecified vulnerability in Splunk and Splunk Cloud Platform In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.107, 9.1.2312.204, and 9.1.2312.111, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a search query with an improperly formatted "INGEST_EVAL" parameter as part of a [Field Transformation](https://docs.splunk.com/Documentation/Splunk/latest/Knowledge/Managefieldtransforms) which could crash the Splunk daemon (splunkd). | 6.5 |
| 2024-10-14 | CVE-2024-45737 | Cross-Site Request Forgery (CSRF) vulnerability in Splunk and Splunk Cloud Platform In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.108, and 9.1.2312.204, a low-privileged user that does not hold the "admin" or "power" Splunk roles could change the maintenance mode state of App Key Value Store (KVStore) through a Cross-Site Request Forgery (CSRF). | 3.5 |
| 2024-10-14 | CVE-2024-45738 | Information Exposure Through Log Files vulnerability in Splunk In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes sensitive HTTP parameters to the `_internal` index. | 4.9 |
| 2024-10-14 | CVE-2024-45739 | Information Exposure Through Log Files vulnerability in Splunk In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes plaintext passwords for local native authentication Splunk users. | 4.9 |
| 2024-10-14 | CVE-2024-45740 | Cross-site Scripting vulnerability in Splunk and Splunk Cloud Platform In Splunk Enterprise versions below 9.2.3 and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a malicious payload through Scheduled Views that could result in execution of unauthorized JavaScript code in the browser of a user. | 5.4 |