Vulnerability Description
In Splunk Enterprise versions below 9.2.1, 9.1.4, and 9.0.9, the software potentially exposes authentication tokens during the token validation process. This exposure happens when either Splunk Enterprise runs in debug mode or the JsonWebToken component has been configured to log its activity at the DEBUG logging level.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Splunk | Splunk | >= 9.0.0, < 9.0.9 |
Related Weaknesses (CWE)
References
- https://advisory.splunk.com/advisories/SVD-2024-0301MitigationVendor Advisory
- https://research.splunk.com/application/9a67e749-d291-40dd-8376-d422e7ecf8b5Technical DescriptionVendor Advisory
- https://advisory.splunk.com/advisories/SVD-2024-0301MitigationVendor Advisory
- https://research.splunk.com/application/9a67e749-d291-40dd-8376-d422e7ecf8b5Technical DescriptionVendor Advisory
FAQ
What is CVE-2024-29945?
CVE-2024-29945 is a vulnerability with a CVSS score of 7.2 (HIGH). In Splunk Enterprise versions below 9.2.1, 9.1.4, and 9.0.9, the software potentially exposes authentication tokens during the token validation process. This exposure happens when either Splunk Enterp...
How severe is CVE-2024-29945?
CVE-2024-29945 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-29945?
Check the references section above for vendor advisories and patch information. Affected products include: Splunk Splunk.