CVE-2024-45731

high

Description

In Splunk Enterprise for Windows versions below 9.3.1, 9.2.3, and 9.1.6, a low-privileged user that does not hold the "admin" or "power" Splunk roles could write a file to the Windows system root directory, which has a default location in the Windows System32 folder, when Splunk Enterprise for Windows is installed on a separate drive.

References

https://www.securityweek.com/splunk-enterprise-update-patches-remote-code-execution-vulnerabilities/

https://research.splunk.com/application/c97e0704-d9c6-454d-89ba-1510a987bf72/

https://advisory.splunk.com/advisories/SVD-2024-1001

Details

Source: Mitre, NVD

Published: 2024-10-14

Updated: 2024-10-15

Risk Information

CVSS v2

Base Score: 7.1

Vector: CVSS2#AV:N/AC:H/Au:S/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 8

Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H

Severity: High