Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2024-45733

In Splunk Enterprise for Windows versions below 9.2.3 and 9.1.6, a low-privileged user that does not hold the "admin" or "power" Splunk roles could perform a Remote Code Execution (RCE) due to an insecure session storage configuration.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 72.8%
CVSS Severity
CVSS v3 Score 8.8
Products affected by CVE-2024-45733
  • Splunk » Splunk » Version: 9.1.0
    cpe:2.3:a:splunk:splunk:9.1.0
  • Splunk » Splunk » Version: 9.1.0.1
    cpe:2.3:a:splunk:splunk:9.1.0.1
  • Splunk » Splunk » Version: 9.1.0.2
    cpe:2.3:a:splunk:splunk:9.1.0.2
  • Splunk » Splunk » Version: 9.1.1
    cpe:2.3:a:splunk:splunk:9.1.1
  • Splunk » Splunk » Version: 9.1.2
    cpe:2.3:a:splunk:splunk:9.1.2
  • Splunk » Splunk » Version: 9.1.3
    cpe:2.3:a:splunk:splunk:9.1.3
  • Splunk » Splunk » Version: 9.1.4
    cpe:2.3:a:splunk:splunk:9.1.4
  • Splunk » Splunk » Version: 9.1.5
    cpe:2.3:a:splunk:splunk:9.1.5
  • Splunk » Splunk » Version: 9.2.0
    cpe:2.3:a:splunk:splunk:9.2.0
  • Splunk » Splunk » Version: 9.2.1
    cpe:2.3:a:splunk:splunk:9.2.1
  • Splunk » Splunk » Version: 9.2.2
    cpe:2.3:a:splunk:splunk:9.2.2
  • Microsoft » Windows » Version: N/A
    cpe:2.3:o:microsoft:windows:-


Products
Pricing
Contact Us

Shodan ® - All rights reserved