Remote Code Execution (RCE) due to insecure session storage configuration in Splunk Enterprise on Windows
CVE-2024-45733
8.8HIGH
What is CVE-2024-45733?
A security flaw present in Splunk Enterprise for Windows allows low-privileged users, lacking 'admin' or 'power' roles, to exploit an insecure session storage configuration. This vulnerability permits these users to execute arbitrary code remotely, raising significant security concerns for systems operating on affected versions. Organizations using Splunk Enterprise versions below 9.2.3 and 9.1.6 should prioritize applying necessary patches and access controls to mitigate this risk.
Affected Version(s)
Splunk Enterprise 9.2 < 9.2.3
Splunk Enterprise 9.1 < 9.1.6