CVE-2024-45738Sensitive Information Exposure in Enterprise

CWE-200Sensitive Information ExposureCWE-532Log File Information Exposure3 documents3 sources
Severity
4.9MEDIUMNVD
EPSS
0.1%
top 71.98%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Splunk EnterpriseSplunk
Timeline
PublishedOct 14

Description

In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes sensitive HTTP parameters to the `_internal` index. This exposure could happen if you configure the Splunk Enterprise `REST_Calls` log channel at the DEBUG logging level.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:NExploitability: 1.2 | Impact: 3.6

Affected Packages2 packages

CVEListV5splunk/splunk_enterprise9.39.3.1+2
NVDsplunk/splunk9.1.09.1.6+2

🔴Vulnerability Details

2
GHSA
GHSA-587p-xc7x-rjh8: In Splunk Enterprise versions below 92024-10-14
CVEList
Sensitive information disclosure in REST_Calls logging channel2024-10-14
CVE-2024-45738 — Sensitive Information Exposure | cvebase