Splunk Enterprise 9.1/9.2 Low-Priv User Leak SVK App KV Store Config Keys
CVE-2024-45735 Published on October 14, 2024
Improper Access Control for low-privileged user in Splunk Secure Gateway App
In Splunk Enterprise versions below 9.2.3 and 9.1.6, and Splunk Secure Gateway versions on Splunk Cloud Platform versions below 3.4.259, 3.6.17, and 3.7.0, a low-privileged user that does not hold the "admin" or "power" Splunk roles can see App Key Value Store (KV Store) deployment configuration and public/private keys in the Splunk Secure Gateway App.
Weakness Type
What is an Authorization Vulnerability?
The software does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
CVE-2024-45735 has been classified as an Authorization vulnerability or weakness.
Products Associated with CVE-2024-45735
Splunk and Splunk Cloud Platform
Affected Versions
Splunk Enterprise:
- Version 9.2, below 9.2.3, is affected.
- Version 9.1, below 9.1.6, is affected.

Splunk Secure Gateway (on Splunk Cloud Platform):
- Version 3.6, below 3.6.17, is affected.
- Version 3.4, below 3.4.259, is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.