CVE-2024-45735 — Improper Access Control in Enterprise

CWE-284 — Improper Access Control3 documents3 sources

Severity

4.3MEDIUMNVD

EPSS

0.1%

top 77.84%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Splunk Enterprise Splunk Secure Gateway Splunk +1 more

Timeline

PublishedOct 14

Description

In Splunk Enterprise versions below 9.2.3 and 9.1.6, and Splunk Secure Gateway versions on Splunk Cloud Platform versions below 3.4.259, 3.6.17, and 3.7.0, a low-privileged user that does not hold the "admin" or "power" Splunk roles can see App Key Value Store (KV Store) deployment configuration and public/private keys in the Splunk Secure Gateway App.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages4 packages

▶CVEListV5splunk/splunk_secure_gateway3.6 — 3.6.17+1

▶NVDsplunk/splunk_cloud_platform3.6.0 — 3.6.17+1

▶CVEListV5splunk/splunk_enterprise9.2 — 9.2.3+1

▶NVDsplunk/splunk9.1.0 — 9.1.6+1

🔴Vulnerability Details

GHSA

GHSA-5f4q-95cp-q722: In Splunk Enterprise versions below 9↗2024-10-14

▶

CVEList

Improper Access Control for low-privileged user in Splunk Secure Gateway App↗2024-10-14

▶