Splunk 9.3.0 Enterprise Edition
Approved changes feed: RSS · Atom
cpe:2.3:a:splunk:splunk:9.3.0:*:*:*:enterprise:*:*:*
part: a version: 9.3.0 update: *
| Vendor | Splunk (0f7ef08f-e3f5-59a4-ba5f-26afb7835b46) |
|---|---|
| Product | Splunk (22a1d8ad-9b0f-51c8-ad24-657c0c14204c) |
| Edition | * |
| Language | * |
| Software edition | enterprise |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-45738 |
vulnerable | 2026-06-03 14:56:58.592721 |
Sensitive information disclosure in REST_Calls logging channel
MEDIUM (4.9)
In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes sensitive HTTP parameters to the `_internal` index. This exposure could happen if you configure the Splunk Enterprise `REST_Calls` log channel at the DEBUG logging level.
Published: 2024-10-14T17:03:38.142Z
Updated: 2025-02-28T11:03:47.990Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-45737 |
vulnerable | 2026-06-03 14:56:58.592321 |
Maintenance mode state change of App Key Value Store (KVStore) through Cross-Site Request Forgery (CSRF)
MEDIUM (4.3)
In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.108, and 9.1.2312.204, a low-privileged user that does not hold the "admin" or "power" Splunk roles could change the maintenance mode state of App Key Value Store (KVStore) through a Cross-Site Request Forgery (CSRF).
Published: 2024-10-14T17:03:37.328Z
Updated: 2025-02-28T11:03:53.256Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-45736 |
vulnerable | 2026-06-03 14:56:58.591748 |
Improperly Formatted ‘INGEST_EVAL’ Parameter Crashes Splunk Daemon
MEDIUM (6.5)
In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.107, 9.1.2312.204, and 9.1.2312.111, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a search query with an improperly formatted "INGEST_EVAL" parameter as part of a [Field Transformation](https://docs.splunk.com/Documentation/Splunk/latest/Knowledge/Managefieldtransforms) which could crash the Splunk daemon (splunkd).
Published: 2024-10-14T17:03:34.828Z
Updated: 2025-02-28T11:03:54.861Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-45732 |
vulnerable | 2026-06-03 14:56:58.585727 |
Low-privileged user could run search as nobody in SplunkDeploymentServerConfig app
HIGH (7.1)
In Splunk Enterprise versions below 9.3.1, and 9.2.0 versions below 9.2.3, and Splunk Cloud Platform versions below 9.2.2403.103, 9.1.2312.200, 9.1.2312.110 and 9.1.2308.208, a low-privileged user that does not hold the "admin" or "power" Splunk roles could run a search as the "nobody" Splunk user in the SplunkDeploymentServerConfig app. This could let the low-privileged user access potentially restricted data.
Published: 2024-10-14T17:03:35.668Z
Updated: 2025-02-28T11:03:50.807Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-45731 |
vulnerable | 2026-06-03 14:56:58.584086 |
Potential Remote Command Execution (RCE) through arbitrary file write to Windows system root directory when Splunk Enterprise for Windows is installed on a separate disk
HIGH (8)
In Splunk Enterprise for Windows versions below 9.3.1, 9.2.3, and 9.1.6, a low-privileged user that does not hold the "admin" or "power" Splunk roles could write a file to the Windows system root directory, which has a default location in the Windows System32 folder, when Splunk Enterprise for Windows is installed on a separate drive.
Published: 2024-10-14T16:46:01.751Z
Updated: 2025-02-28T11:03:47.249Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.