Security Advisory

CVE-2024-45733

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-10-14 17:03:36

Last updated 2025-02-28 11:03:46

Assigner Splunk

State PUBLISHED

Description

In Splunk Enterprise for Windows versions below 9.2.3 and 9.1.6, a low-privileged user that does not hold the "admin" or "power" Splunk roles could perform a Remote Code Execution (RCE) due to an insecure session storage configuration.

← Browse all CVEs View on cve.org ↗