CVE-2024-45733

Remote Code Execution (RCE) due to insecure session storage configuration in Splunk Enterprise on Windows

Description

In Splunk Enterprise for Windows versions below 9.2.3 and 9.1.6, a low-privileged user that does not hold the "admin" or "power" Splunk roles could perform a Remote Code Execution (RCE) due to an insecure session storage configuration.

INFO

Published Date :

2024-10-14T17:03:36.497Z

Last Modified :

2025-02-28T11:03:46.564Z

Source :

Splunk

AFFECTED PRODUCTS

The following products are affected by CVE-2024-45733 vulnerability.

Vendors	Products
Microsoft	Windows
Splunk	Splunk Splunk Enterprise

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-45733.

URL	Resource
https://advisory.splunk.com/advisories/SVD-2024-1003
https://research.splunk.com/application/c97e0704-d9c6-454d-89ba-1510a987bf72/

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact