Unrated severityNVD Advisory· Published Oct 14, 2024· Updated Feb 28, 2025
Potential Remote Command Execution (RCE) through arbitrary file write to Windows system root directory when Splunk Enterprise for Windows is installed on a separate disk
CVE-2024-45731
Description
In Splunk Enterprise for Windows versions below 9.3.1, 9.2.3, and 9.1.6, a low-privileged user that does not hold the "admin" or "power" Splunk roles could write a file to the Windows system root directory, which has a default location in the Windows System32 folder, when Splunk Enterprise for Windows is installed on a separate drive.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<9.1.6, <9.2.3, <9.3.1+ 1 more
- (no CPE)range: <9.1.6, <9.2.3, <9.3.1
- (no CPE)range: 9.3
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.