PT-2024-7419 · Splunk · Splunk Enterprise

Anton

Published: 2024-09-05 · Updated: 2024-10-16

CVE-2024-45734

CVSS v3.1: 4.3 (Medium)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions 9.1.6, 9.2.3, and 9.3.0
Description: A low-privileged user without the "admin" or "power" Splunk roles could view images on the machine that runs Splunk Enterprise by using the PDF export feature in Splunk classic dashboards. The images on the machine could be exposed by exporting the dashboard as a PDF, using the local image path in the img tag in the source extensible markup language (XML) code for the Splunk classic dashboard. This issue is related to insufficient access control in the PDF export feature.
Recommendations: For versions 9.1.6, 9.2.3, and 9.3.0, upgrade to a newer version to mitigate the risk. As a temporary workaround, consider restricting access to the PDF export feature in Splunk classic dashboards until a patch is available.

Fix

Weakness Enumeration

Improper Access Control

Related Identifiers

BDU:2024-08793
CVE-2024-45734

Affected Products

Splunk Enterprise