CVE-2024-29945

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-29945
In Splunk Enterprise versions below 9.2.1, 9.1.4, and 9.0.9, the software potentially exposes authentication tokens during the token validation process. This exposure happens when either Splunk Enterprise runs in debug mode or the JsonWebToken component has been configured to log its activity at the DEBUG logging level.

7.2 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.2 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://advisory.splunk.com/advisories/SVD-2024-0301 Mitigation Vendor Advisory
https://research.splunk.com/application/9a67e749-d291-40dd-8376-d422e7ecf8b5 Technical Description Vendor Advisory
https://advisory.splunk.com/advisories/SVD-2024-0301 Mitigation Vendor Advisory
https://research.splunk.com/application/9a67e749-d291-40dd-8376-d422e7ecf8b5 Technical Description Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*
History

21 Nov 2024, 09:08

Type Values Removed Values Added
References () https://advisory.splunk.com/advisories/SVD-2024-0301 - Mitigation, Vendor Advisory () https://advisory.splunk.com/advisories/SVD-2024-0301 - Mitigation, Vendor Advisory
References () https://research.splunk.com/application/9a67e749-d291-40dd-8376-d422e7ecf8b5 - Technical Description, Vendor Advisory () https://research.splunk.com/application/9a67e749-d291-40dd-8376-d422e7ecf8b5 - Technical Description, Vendor Advisory

01 Apr 2024, 15:38

Type Values Removed Values Added
CPE cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*
CWE CWE-532
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 7.2
First Time Splunk
Splunk splunk
References () https://advisory.splunk.com/advisories/SVD-2024-0301 - () https://advisory.splunk.com/advisories/SVD-2024-0301 - Mitigation, Vendor Advisory
References () https://research.splunk.com/application/9a67e749-d291-40dd-8376-d422e7ecf8b5 - () https://research.splunk.com/application/9a67e749-d291-40dd-8376-d422e7ecf8b5 - Technical Description, Vendor Advisory

27 Mar 2024, 19:15

Type Values Removed Values Added
References
  • () https://research.splunk.com/application/9a67e749-d291-40dd-8376-d422e7ecf8b5 -

27 Mar 2024, 17:48

Type Values Removed Values Added
New CVE
Information

Published : 2024-03-27 17:15

Updated : 2024-11-21 09:08

NVD link : CVE-2024-29945

Mitre link : CVE-2024-29945

CVE.ORG link : CVE-2024-29945

JSON object : View

Products Affected

splunk

  • splunk
CWE
CWE-532

Insertion of Sensitive Information into Log File