CVE-2024-29945Log File Information Exposure in Enterprise

CWE-532Log File Information Exposure3 documents3 sources
Severity
7.2HIGHNVD
EPSS
0.2%
top 63.83%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Splunk EnterpriseSplunk
Timeline
PublishedMar 27

Description

In Splunk Enterprise versions below 9.2.1, 9.1.4, and 9.0.9, the software potentially exposes authentication tokens during the token validation process. This exposure happens when either Splunk Enterprise runs in debug mode or the JsonWebToken component has been configured to log its activity at the DEBUG logging level.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 1.2 | Impact: 5.9

Affected Packages2 packages

CVEListV5splunk/splunk_enterprise9.29.2.1+2
NVDsplunk/splunk9.0.09.0.9+2

🔴Vulnerability Details

2
CVEList
Splunk Authentication Token Exposure in Debug Log in Splunk Enterprise2024-03-27
GHSA
GHSA-36v8-vqh8-c3xx: In Splunk Enterprise versions below 92024-03-27
CVE-2024-29945 — Log File Information Exposure | cvebase