Platform
Why Recorded Future
Services
Insikt Group® Research
Resources

Get Started

Platform Overview
A single platform to enable organization-wide decision making — get comprehensive, real-time, and unbiased threat intelligence to identify what matters most.
Book a Demo
Explore on-demand demos
Try our free tools
View trending vulnerabilities

Why Recorded Future
Discover why the world’s leading organizations trust Recorded Future to help identify and mitigate threats.
Our Story
Customers and case studies
In the news

Services Overview
Maximize your intelligence investment at every stage of the journey with our dedicated onboarding and enablement programs, advisory resources, and on-demand support, training, and practitioner community.

Insikt Group® Research
Insikt Group® is Recorded Future’s threat research division, comprising analysts and security researchers with deep government, law enforcement, military, and intelligence agency experience.
Threat Intelligence Reports
Threat Briefings

Resources Overview
Discover an array of threat intelligence resources at Recorded Future.
Blog
Events
Webinars

Platform Features

Intelligence Graph®
Analyze and detect emerging threats with data from 1M+ global sources.
Collective Insights®
Enrich data from security tools with threat intelligence to uncover patterns in detections.
Integrations & APIs
Connect your security stack through pre-built integrations and flexible APIs.
Recorded Future AI
Interact with the Intelligence Graph® with AI Conversations, AI Reporting, and AI Insights.

Products

Threat Intelligence
Brand Intelligence
SecOps Intelligence
Identity Intelligence
Third-Party Intelligence
Attack Surface Intelligence
Vulnerability Intelligence
Geopolitical Intelligence
Payment Fraud Intelligence

Use Cases

Ransomware Mitigation
Prevent ransomware threats across every stage of the attack lifecycle.
Exposure Management
Continuously monitor exposure points that can be exploited by adversaries.
Security Workflow Automation
Eliminate manual tasks to focus on higher-value intelligence work.
Supply Chain Risk Mitigation
Monitor and detect global vendor risk.
Digital Risk Protection
Safeguard your brand, identities, and other business-critical assets.

Teams

Cyber Threat Intelligence
Security Leadership
Security Operations

Industries

Public Sector
Critical Infrastructure
Technology
Financial Services
Retail

Services

Managed Monitoring
Extend and enhance your security team with threat intelligence experts.
Intelligence Services
Strengthen your intelligence program with integration and advisory services.
Analyst on Demand
Get custom intelligence reports, briefings, and training from in-house expert analysts.

Latest from Insikt Group®

1st May 2025

TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered

29th Apr 2025

Uncovering MintsLoader With Recorded Future Malware Intelligence Hunting

22nd May 2025

Russia-Aligned TAG-110 Targets Tajikistan with Macro-Enabled

Know What Matters

Vulnerability Database
Threat Intelligence 101
E-Books
Whitepapers
The Record News
Click Here Podcast
Cyber Daily Newsletter

For Customers

Training
Community
Mobile App

For Partners

Why partner with us
Value Added Reseller
Global Tech Alliance
Managed Security Service Providers
Original Equipment Manufacturer

Home>
Vulnerability Database>
CVE-2024-45738

CVE-2024-45738

CVSS 3.1 Score 4.9 of 10 (medium)

Details

Published Oct 14, 2024

Updated: Oct 17, 2024

CWE ID 200

CWE ID 532

Summary

CVE-2024-45738 is a vulnerability affecting Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6. This issue enables the potential exposure of sensitive HTTP parameters to the `_internal` index. The vulnerability arises when the Splunk Enterprise REST_Calls log channel is configured at the DEBUG logging level. By exploiting this weakness, malicious actors might gain unauthorized access to sensitive information. It is crucial for Splunk Enterprise users to update their software to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/yYBfxy
https://www.cve.org/CVERecord?id=CVE-2024-45738
https://nvd.nist.gov/vuln/detail/CVE-2024-45738

New Report: 2024 State of Threat Intelligence

Unlock the latest insights from over 550 cybersecurity leaders and learn how to optimize your threat intelligence strategy.

Get your Free Copy

Back to Vulnerability Database

Get trending threat insights delivered to your inbox with Cyber Daily™

Know what matters. Act first.

Careers
Newsroom
Contact Us
Intelligence Fund

Security
Cookies
Privacy Policy
Terms & Conditions

CVE-2024-45738

CVSS 3.1 Score 4.9 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations