CVE-2024-29945

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-29945
In Splunk Enterprise versions below 9.2.1, 9.1.4, and 9.0.9, the software potentially exposes authentication tokens during the token validation process. This exposure happens when either Splunk Enterprise runs in debug mode or the JsonWebToken component has been configured to log its activity at the DEBUG logging level.

7.2 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.2 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://advisory.splunk.com/advisories/SVD-2024-0301 Mitigation Vendor Advisory
https://research.splunk.com/application/9a67e749-d291-40dd-8376-d422e7ecf8b5 Technical Description Vendor Advisory
https://advisory.splunk.com/advisories/SVD-2024-0301 Mitigation Vendor Advisory
https://research.splunk.com/application/9a67e749-d291-40dd-8376-d422e7ecf8b5 Technical Description Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*
History

21 Nov 2024, 09:08

Type Values Removed Values Added
References () https://advisory.splunk.com/advisories/SVD-2024-0301 - Mitigation, Vendor Advisory () https://advisory.splunk.com/advisories/SVD-2024-0301 - Mitigation, Vendor Advisory
References () https://research.splunk.com/application/9a67e749-d291-40dd-8376-d422e7ecf8b5 - Technical Description, Vendor Advisory () https://research.splunk.com/application/9a67e749-d291-40dd-8376-d422e7ecf8b5 - Technical Description, Vendor Advisory

10 Apr 2024, 01:15

Type Values Removed Values Added
Summary
  • (es) En las versiones de Splunk Enterprise inferiores a 9.2.1, 9.1.4 y 9.0.9, el software potencialmente expone tokens de autenticación durante el proceso de validación del token. Esta exposición ocurre cuando Splunk Enterprise se ejecuta en modo de depuración o el componente JsonWebToken se ha configurado para registrar su actividad en el nivel de registro DEBUG.

01 Apr 2024, 15:38

Type Values Removed Values Added
CPE cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*
References () https://advisory.splunk.com/advisories/SVD-2024-0301 - () https://advisory.splunk.com/advisories/SVD-2024-0301 - Mitigation, Vendor Advisory
References () https://research.splunk.com/application/9a67e749-d291-40dd-8376-d422e7ecf8b5 - () https://research.splunk.com/application/9a67e749-d291-40dd-8376-d422e7ecf8b5 - Technical Description, Vendor Advisory
First Time Splunk splunk
Splunk

27 Mar 2024, 19:15

Type Values Removed Values Added
References
  • () https://research.splunk.com/application/9a67e749-d291-40dd-8376-d422e7ecf8b5 -

27 Mar 2024, 17:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-03-27 17:15

Updated : 2024-11-21 09:08

NVD link : CVE-2024-29945

Mitre link : CVE-2024-29945

CVE.ORG link : CVE-2024-29945

JSON object : View

Products Affected

splunk

  • splunk
CWE
CWE-532

Insertion of Sensitive Information into Log File


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024