PT-2024-7418 · Splunk · Splunk Enterprise
Eric Mcginnis +1 · Published 2024-10-14 · Updated 2024-10-17 · CVE-2024-45739
CVSS v2.0: 6.8 (Medium)
Vector: AV:N/AC:L/Au:S/C:C/I:N/A:N
Name of the Vulnerable Software and Affected Versions:
Splunk Enterprise versions prior to 9.3.1
Splunk Enterprise versions prior to 9.2.3
Splunk Enterprise versions prior to 9.1.6
Description:
The software potentially exposes plaintext passwords of Splunk users who use local native authentication when the Splunk Enterprise AdminManager log channel is configured at the DEBUG logging level. This issue is related to insufficient protection of service data, which could allow a remote attacker to disclose protected information.
Recommendations:
For versions prior to 9.3.1, update to version 9.3.1 or later to resolve the issue.
For versions prior to 9.2.3, update to version 9.2.3 or later to resolve the issue.
For versions prior to 9.1.6, update to version 9.1.6 or later to resolve the issue.
As a temporary workaround, avoid configuring the Splunk Enterprise AdminManager log channel at the DEBUG logging level until a patch is available.
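
An added example (not part of the advisory and not Splunk's own tooling) for checking the workaround above: it reports whether the AdminManager channel is set to DEBUG in the on-disk logging configuration. It assumes the `category.<Name>=<LEVEL>` syntax of `$SPLUNK_HOME/etc/log.cfg`, with `log-local.cfg` overriding it, and a default install path of `/opt/splunk`; the sample contents and function names are constructed. Levels changed at runtime without being written to these files are not detected.

```python
import os
import re

# Constructed sample contents, not taken from a real deployment.
SAMPLE_LOG_CFG = """\
rootCategory=WARN,A1
category.AdminManager=INFO
category.Metrics=INFO,metrics
"""
SAMPLE_LOG_LOCAL_CFG = """\
# category.AdminManager=INFO
category.AdminManager = DEBUG
"""

# "category.<Name>=<LEVEL>[,appender]"; commented-out lines do not match.
_CATEGORY = re.compile(r"^\s*category\.([^=\s]+)\s*=\s*([A-Za-z]+)")


def effective_levels(*cfg_texts):
    """Merge category levels; later texts override earlier ones."""
    levels = {}
    for text in cfg_texts:
        for line in text.splitlines():
            m = _CATEGORY.match(line)
            if m:
                levels[m.group(1)] = m.group(2).upper()
    return levels


def admin_manager_at_debug(*cfg_texts):
    """True if the effective AdminManager level is DEBUG."""
    return effective_levels(*cfg_texts).get("AdminManager") == "DEBUG"


if __name__ == "__main__":
    # Assumed default install path when SPLUNK_HOME is not set.
    etc = os.path.join(os.environ.get("SPLUNK_HOME", "/opt/splunk"), "etc")
    texts = []
    for name in ("log.cfg", "log-local.cfg"):  # local file is read last so it wins
        path = os.path.join(etc, name)
        if os.path.exists(path):
            with open(path, encoding="utf-8", errors="replace") as fh:
                texts.append(fh.read())
    if not texts:  # fall back to the constructed samples
        texts = [SAMPLE_LOG_CFG, SAMPLE_LOG_LOCAL_CFG]
    print("AdminManager at DEBUG:", admin_manager_at_debug(*texts))
```

If the check returns True on an unpatched version, treat existing log files and any indexed copies of them as potentially containing credentials when deciding on log cleanup and password rotation.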
Fix
Information Disclosure
Insertion into Log File
Affected Products
Splunk Enterprise