Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-45734

In Splunk Enterprise versions 9.3.0, 9.2.3, and 9.1.6, a low-privileged user that does not hold the "admin" or "power" Splunk roles could view images on the machine that runs Splunk Enterprise by using the PDF export feature in Splunk classic dashboards. The images on the machine could be exposed by exporting the dashboard as a PDF, using the local image path in the img tag in the source extensible markup language (XML) code for the Splunk classic dashboard.

Published

2024-10-14T17:15:11.850

Last Modified

2024-10-16T22:20:57.687

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 4.3 (MEDIUM)

Weaknesses

Type: Secondary
CWE-284
Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	splunk	splunk	< 9.1.6	Yes
Application	splunk	splunk	< 9.2.3	Yes

References

https://advisory.splunk.com/advisories/SVD-2024-1004 Vendor Advisory ([email protected])
https://research.splunk.com/application/7464e2dc-98a5-4af9-87a1-fa6d5a256fa6/ Vendor Advisory ([email protected])