CVE-2024-45732 HIGH

CVE-2024-45732: Low-privileged user could run search as nobody in SplunkDeploymentServerConfig app

Vendor Splunk
Product Splunk Enterprise
Weakness CWE-862 · Missing authorization
Published October 14, 2024
Last update February 28, 2025
View on NVD All CVEs

CVSS base score

7.1/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality High
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

What the vulnerability does

01Description

In Splunk Enterprise versions below 9.3.1, and 9.2.0 versions below 9.2.3, and Splunk Cloud Platform versions below 9.2.2403.103, 9.1.2312.200, 9.1.2312.110 and 9.1.2308.208, a low-privileged user that does not hold the "admin" or "power" Splunk roles could run a search as the "nobody" Splunk user in the SplunkDeploymentServerConfig app. This could let the low-privileged user access potentially restricted data.

Key dates

02Disclosure timeline

October 14, 2024 CVE published
February 28, 2025 Record updated

Related vulnerabilities

04Related CVE

CVE-2024-53806 WordPress Maspik plugin <= 2.2.7 - CSRF to Settings Change vulnerability CVE-2025-31042 WordPress Sandwich Adsense plugin <= 4.0.2 - Broken Access Control Vulnerability CVE-2025-30797 WordPress Greek Multi Tool – Fix peralinks, accents, auto create menus and more plugin <= 2.3.1 - Broken Access Control Vulnerability CVE-2026-0687 Meta-box GalleryMeta <= 3.0.1 - Missing Authorization to Authenticated (Author+) Gallery Management CVE-2026-53816 OpenClaw < 2026.5.18 - Exec Lifecycle Event Forgery via Paired Node