PT-2024-7164 · Splunk · Splunk Enterprise

Eric Mcginnis +1 · Published 2024-10-14 · Updated 2024-10-17 · CVE-2024-45738

CVSS v2.0: 6.8 (Medium)

Vector: AV:N/AC:L/Au:S/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Splunk Enterprise versions prior to 9.3.1
Splunk Enterprise versions prior to 9.2.3
Splunk Enterprise versions prior to 9.1.6

Description

The software potentially exposes sensitive HTTP parameters to the internal index if the REST Calls log channel is configured at the DEBUG logging level. This issue is related to insufficient protection of service data, which could allow a remote attacker to gain unauthorized access to protected information.

Recommendations

For versions prior to 9.3.1, update to version 9.3.1 or later to resolve the issue.
For versions prior to 9.2.3, update to version 9.2.3 or later to resolve the issue.
For versions prior to 9.1.6, update to version 9.1.6 or later to resolve the issue.

As a temporary workaround, consider configuring the REST Calls log channel at a logging level other than DEBUG to minimize the risk of sensitive HTTP parameter exposure.

Fix

Information Disclosure

Insertion into Log File

Weakness Enumeration

Related Identifiers

BDU:2024-08501
CVE-2024-45738

Affected Products

Splunk Enterprise