Unsafe Deserialization of Untrusted Data in Splunk Enterprise for Windows
CVE-2024-23678

7.5 HIGH

Key Information:

Vendor
Splunk
CVE Published:
22 January 2024

Badges

📰 News Worthy

Summary

Splunk Enterprise for Windows versions below 9.0.8 and 9.1.3 do not correctly sanitize path input data. As a result, Splunk Enterprise can deserialize untrusted data that sits on a separate disk partition of the same machine. An attacker who can place data on that partition could therefore have it loaded and processed by Splunk, compromising the integrity and security of the application. The CVSS metrics below (local attack vector, low privileges, user interaction required, scope changed) reflect that the attacker needs a foothold on the host but that a successful attack reaches beyond the Splunk process itself. Only Splunk Enterprise for Windows is affected; the remediation is to upgrade to 9.0.8 or 9.1.3 (or later).

Affected Version(s)

Splunk Enterprise 9.0 < 9.0.8

Splunk Enterprise 9.1 < 9.1.3
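To turn the two ranges above into a repeatable check across a fleet, here is an added Python example (not code from this page or from Splunk). It encodes the listed ranges, reports non-Windows hosts as out of scope, and treats versions on lines the page does not mention (for example 8.x) as "unlisted-line" rather than claiming they are fixed, since the page says nothing about them. The hostnames and versions in the inventory are constructed for illustration.

```python
"""
Affected-version triage for CVE-2024-23678 (added example, not Splunk's code).

The page lists two affected ranges for Splunk Enterprise for Windows:
  9.0.x below 9.0.8 and 9.1.x below 9.1.3.
Any other major/minor line is reported as "unlisted-line" because the page
does not describe it; do not read that as "fixed".
"""
import re

# (major, minor) line -> first fixed build, from the Affected Version(s) section.
AFFECTED_RANGES = {
    (9, 0): (9, 0, 8),
    (9, 1): (9, 1, 3),
}


def parse_version(text):
    """Turn '9.0.7' or '9.1.2.1' into a tuple of ints; reject anything else."""
    text = text.strip()
    if not re.fullmatch(r"\d+(?:\.\d+)*", text):
        raise ValueError(f"unrecognised Splunk version string: {text!r}")
    return tuple(int(part) for part in text.split("."))


def assess(version, platform):
    """Return 'affected', 'fixed', 'not-windows' or 'unlisted-line'."""
    if platform.strip().lower() != "windows":
        return "not-windows"          # the page scopes this CVE to Windows only
    v = parse_version(version)
    fixed = AFFECTED_RANGES.get(v[:2])
    if fixed is None:
        return "unlisted-line"        # e.g. 8.2.x: not mentioned on the page
    # Tuple comparison handles 4-part builds such as 9.1.2.1 < 9.1.3 correctly,
    # and a bare '9.0' sorts below 9.0.8 as intended.
    return "affected" if v < fixed else "fixed"


# Constructed inventory (hostnames and versions are made up for illustration).
INVENTORY = [
    ("splk-idx-01", "9.0.7", "Windows"),
    ("splk-idx-02", "9.0.8", "Windows"),
    ("splk-sh-01", "9.1.2.1", "Windows"),
    ("splk-sh-02", "9.1.3", "Windows"),
    ("splk-hf-01", "9.0.5", "Linux"),
    ("splk-lab-01", "8.2.12", "Windows"),
]


def triage(inventory=INVENTORY):
    """Map hostname -> assessment for every entry in the inventory."""
    return {host: assess(ver, plat) for host, ver, plat in inventory}


def affected_hosts(inventory=INVENTORY):
    """Sorted list of hostnames that need the 9.0.8 / 9.1.3 upgrade."""
    return sorted(h for h, status in triage(inventory).items() if status == "affected")


if __name__ == "__main__":
    for host, status in triage().items():
        print(f"{host:12} {status}")
    print("upgrade needed:", ", ".join(affected_hosts()))
```

The Linux host running 9.0.5 is deliberately reported as not-windows rather than affected: the same build on Linux is outside the scope of this CVE as the page describes it, and conflating the two inflates the patch list.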

News Articles

Splunk Patches CVE-2024-23678 Deserialization bug

Splunk has addressed multiple vulnerabilities in Splunk Enterprise that include a high-severity deserialization flaw. The vulnerability, tracked as CVE-2024-23678 with a CVSS score of 7.5, impacts the Windows version. The advisory states that Splunk Enterprise for Windows versions below 9.0.8 and 9.1.3 ...

References

CVSS V3.1

Score: 7.5
Severity: HIGH
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
Attack Vector: Local
Attack Complexity: High
Privileges Required: Low
User Interaction: Required
Scope: Changed
Confidentiality: High
Integrity: High
Availability: High

Timeline

  • 📰 First article discovered by TheCyberThrone

  • Vulnerability published

  • Vulnerability Reserved

Credit

Danylo Dmytriiev (DDV_UA)