Threat Advisory

Critical Vulnerabilities Discovered in Splunk Software Suite

Threat: Vulnerability
Criticality: High

EXECUTIVE SUMMARY:

Two high-severity vulnerabilities, identified as CVE-2024-29945 and CVE-2024-29946, have been disclosed in Splunk Enterprise and Splunk Cloud Platform. CVE-2024-29945 affects Splunk Enterprise and can potentially expose authentication tokens during the token validation process. This could lead to unauthorized access to sensitive data, so immediate action is needed: disable debug mode, restart instances without the --debug argument, and rotate any potentially exposed tokens. CVE-2024-29946 affects Splunk Enterprise and Splunk Cloud Platform and resides in the Dashboard Examples Hub, where it allows attackers to bypass safeguards for risky SPL commands. It is advised to upgrade to fixed versions or to disable or delete the Dashboard Examples Hub app. These vulnerabilities underscore the importance of maintaining up-to-date software and implementing recommended mitigation strategies to safeguard against potential threats.

Recommendation:

  • We strongly recommend you update Splunk Enterprise to version 9.2.1, 9.1.4, or 9.0.9, and Splunk Cloud Platform to version 9.1.2312.100.
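
The triage below is an added example, not code from Splunk or from this advisory: it applies the advisory's fixed Splunk Enterprise versions and its --debug guidance to an inventory. The hostnames, build ids and command lines are constructed sample data, and the assumption that --debug is visible on the splunkd command line is ours.

```python
import re

# Fixed Splunk Enterprise releases named in this advisory, keyed by release line.
FIXED = {(9, 0): (9, 0, 9), (9, 1): (9, 1, 4), (9, 2): (9, 2, 1)}

VERSION_RE = re.compile(r"\b(\d+)\.(\d+)\.(\d+)\b")


def parse_version(text):
    """Extract (major, minor, patch) from text such as 'Splunk 9.1.3 (build ...)'."""
    m = VERSION_RE.search(text)
    if not m:
        raise ValueError(f"no x.y.z version in {text!r}")
    return tuple(int(p) for p in m.groups())


def runs_in_debug(cmdline):
    """True when the command line carries --debug (assumed visible there)."""
    return "--debug" in cmdline.split()


def triage(version_text, cmdline):
    """Return the actions this advisory calls for on one Splunk Enterprise instance."""
    actions = []
    version = parse_version(version_text)
    fixed = FIXED.get(version[:2])
    if fixed is None:
        actions.append("release line not listed in advisory: check vendor guidance")
    elif version < fixed:  # numeric tuple compare, so 9.0.10 is newer than 9.0.9
        actions.append("upgrade to " + ".".join(map(str, fixed)))
    if runs_in_debug(cmdline):
        actions.append("restart without --debug and rotate authentication tokens")
    return actions


# Constructed inventory: (host, version output, splunkd command line).
INVENTORY = [
    ("idx01.example.internal", "Splunk 9.1.3 (build 0000000)", "splunkd -p 8089 start --debug"),
    ("sh01.example.internal", "Splunk 9.2.1 (build 0000000)", "splunkd -p 8089 start"),
    ("hf01.example.internal", "Splunk 9.0.9 (build 0000000)", "splunkd -p 8089 restart --debug"),
]

if __name__ == "__main__":
    for host, version_text, cmdline in INVENTORY:
        print(host, triage(version_text, cmdline) or ["no action"])
```

An instance that is already on a fixed version but was started with --debug still needs the restart and token rotation, which is why the two checks are independent.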

REFERENCES:

The following reports contain further technical details:

https://cybersecuritynews.com/splunk-vulnerabilities-spl-safeguards/
