What is the severity of CVE-2024-45732?

CVE-2024-45732 is considered a low-severity vulnerability affecting specific Splunk versions.

How do I fix CVE-2024-45732?

To resolve CVE-2024-45732, upgrade your Splunk Enterprise or Splunk Cloud Platform to the latest version specified in the advisory.

Which versions are affected by CVE-2024-45732?

CVE-2024-45732 affects Splunk Enterprise versions below 9.3.1 and 9.2.0 below 9.2.3, as well as specific Splunk Cloud Platform versions.

What type of user can exploit CVE-2024-45732?

CVE-2024-45732 can be exploited by low-privileged users who do not hold the 'admin' or 'power' roles in Splunk.

Is there a patch available for CVE-2024-45732?

Yes, patches for CVE-2024-45732 are included in the latest releases of the affected Splunk versions.

Vulnerability/
CVE-2024-45732

high

7.1

CWE

862

14/10/2024

28/2/2025

CVE-2024-45732: Low-privileged user could run search as nobody in SplunkDeploymentServerConfig app

First published: Mon Oct 14 2024(Updated: )

In Splunk Enterprise versions below 9.3.1, and 9.2.0 versions below 9.2.3, and Splunk Cloud Platform versions below 9.2.2403.103, 9.1.2312.200, 9.1.2312.110 and 9.1.2308.208, a low-privileged user that does not hold the "admin" or "power" Splunk roles could run a search as the "nobody" Splunk user in the SplunkDeploymentServerConfig app. This could let the low-privileged user access potentially restricted data.

Credit: prodsec@splunk.com

Affected Software	Affected Version	How to fix
Splunk	>=9.2.0<9.2.3
Splunk	=9.3.0
Splunk Cloud Platform	<9.1.2308.208
Splunk Cloud Platform	>=9.1.2312.100<9.1.2312.110
Splunk Cloud Platform	>=9.2.2403.102<9.2.2403.103

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2024-45732?
CVE-2024-45732 is considered a low-severity vulnerability affecting specific Splunk versions.
How do I fix CVE-2024-45732?
To resolve CVE-2024-45732, upgrade your Splunk Enterprise or Splunk Cloud Platform to the latest version specified in the advisory.
Which versions are affected by CVE-2024-45732?
CVE-2024-45732 affects Splunk Enterprise versions below 9.3.1 and 9.2.0 below 9.2.3, as well as specific Splunk Cloud Platform versions.
What type of user can exploit CVE-2024-45732?
CVE-2024-45732 can be exploited by low-privileged users who do not hold the 'admin' or 'power' roles in Splunk.
Is there a patch available for CVE-2024-45732?
Yes, patches for CVE-2024-45732 are included in the latest releases of the affected Splunk versions.

agent/weakness
agent/title
agent/references
agent/description
agent/first-publish-date
agent/type
agent/author
agent/event
agent/severity
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/source
agent/softwarecombine
agent/tags
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/splunk
canonical/splunk
version/splunk/9.2.0
version/splunk/9.3.0
canonical/splunk cloud platform
version/splunk cloud platform/9.1.2312.100
version/splunk cloud platform/9.2.2403.102

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.