VYPR
Unrated severityNVD Advisory· Published Oct 14, 2024· Updated Feb 28, 2025

Potential Remote Command Execution (RCE) through arbitrary file write to Windows system root directory when Splunk Enterprise for Windows is installed on a separate disk

CVE-2024-45731

Description

In Splunk Enterprise for Windows versions below 9.3.1, 9.2.3, and 9.1.6, a low-privileged user that does not hold the "admin" or "power" Splunk roles could write a file to the Windows system root directory, which has a default location in the Windows System32 folder, when Splunk Enterprise for Windows is installed on a separate drive.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Splunk/Splunk Enterprisellm-fuzzy2 versions
    <9.1.6, <9.2.3, <9.3.1+ 1 more
    • (no CPE)range: <9.1.6, <9.2.3, <9.3.1
    • (no CPE)range: 9.3

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.