VYPR
Unrated severityNVD Advisory· Published Oct 14, 2024· Updated Feb 28, 2025

Sensitive information disclosure in AdminManager logging channel

CVE-2024-45739

Description

In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes plaintext passwords for local native authentication Splunk users. This exposure could happen when you configure the Splunk Enterprise AdminManager log channel at the DEBUG logging level.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Splunk/Splunk Enterprisellm-fuzzy2 versions
    <9.1.6 || >=9.2.0<9.2.3 || >=9.3.0<9.3.1+ 1 more
    • (no CPE)range: <9.1.6 || >=9.2.0<9.2.3 || >=9.3.0<9.3.1
    • (no CPE)range: 9.3

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.