{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-09T06:45:35.993","vulnerabilities":[{"cve":{"id":"CVE-2024-45731","sourceIdentifier":"prodsec@splunk.com","published":"2024-10-14T17:15:11.177","lastModified":"2024-10-17T13:09:33.017","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In Splunk Enterprise for Windows versions below 9.3.1, 9.2.3, and 9.1.6, a low-privileged user that does not hold the \"admin\" or \"power\" Splunk roles could write a file to the Windows system root directory, which has a default location in the Windows System32 folder, when Splunk Enterprise for Windows is installed on a separate drive."},{"lang":"es","value":"En las versiones de Splunk Enterprise para Windows anteriores a 9.3.1, 9.2.3 y 9.1.6, un usuario con privilegios bajos que no tenga los roles de \"administrador\" o \"poder\" de Splunk podría escribir un archivo en el directorio raíz del sistema de Windows, que tiene una ubicación predeterminada en la carpeta System32 de Windows, cuando Splunk Enterprise para Windows está instalado en una unidad separada."}],"metrics":{"cvssMetricV31":[{"source":"prodsec@splunk.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H","baseScore":8.0,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.3,"impactScore":6.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H","baseScore":8.0,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.1,"impactScore":5.9}]},"weaknesses":[{"source":"prodsec@splunk.com","type":"Secondary","description":[{"lang":"en","value":"CWE-23"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"9.1.0","versionEndExcluding":"9.1.6","matchCriteriaId":"FB935ACC-3899-47DE-B4C0-CB94CAC79AC2"},{"vulnerable":true,"criteria":"cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"9.2.0","versionEndExcluding":"9.2.3","matchCriteriaId":"14D07F5E-504B-447B-988B-BF6ADA59F8D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:splunk:splunk:9.3.0:*:*:*:enterprise:*:*:*","matchCriteriaId":"11F038B4-1335-4F4E-9013-E6D6152DCD20"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://advisory.splunk.com/advisories/SVD-2024-1001","source":"prodsec@splunk.com","tags":["Vendor Advisory"]},{"url":"https://research.splunk.com/application/c97e0704-d9c6-454d-89ba-1510a987bf72/","source":"prodsec@splunk.com","tags":["Vendor Advisory"]}]}}]}