CVE-2024-45741

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Oct 14, 2024
Updated: Oct 17, 2024
CWE ID 79

Summary

CVE-2024-45741 is a vulnerability affecting Splunk Enterprise versions below 9.2.3 and 9.1.6, as well as Splunk Cloud Platform versions below 9.2.2403.108 and 9.1.2312.205. A low-privileged user, who does not possess the "admin" or "power" roles, can exploit this issue by crafting a malicious payload in a custom configuration file. The payload is executed when the "api.uri" parameter from the "/manager/search/apps/local" endpoint in Splunk Web is called. The outcome is the unauthorized execution of JavaScript code in the user's browser.
