Tag
A critical vulnerability, CVE-2024-29945, allows for the exposure of authentication tokens in debug logs within Splunk Enterprise and Splunk Cloud, enabling an attacker with access to internal log files to gain unauthorized access, exfiltrate data, and potentially achieve full compromise of the Splunk infrastructure if unpatched versions (prior to 9.2.1, 9.1.4, and 9.0.9 for Enterprise) are in use.