Vulnerabilities > Splunk > Splunk > 9.1.3
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-03-27 | CVE-2024-29945 | Information Exposure Through Log Files vulnerability in Splunk In Splunk Enterprise versions below 9.2.1, 9.1.4, and 9.0.9, the software potentially exposes authentication tokens during the token validation process. | 7.2 |
2024-03-27 | CVE-2024-29946 | Command Injection vulnerability in Splunk In Splunk Enterprise versions below 9.2.1, 9.1.4, and 9.0.9, the Dashboard Examples Hub lacks protections for risky SPL commands. | 8.1 |