CVE-2024-23678 — Improper Input Validation in Enterprise

CWE-20 — Improper Input Validation3 documents3 sources

Severity

8.8HIGHNVD

CNA7.5

EPSS

0.1%

top 75.45%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Splunk Enterprise Splunk

Timeline

PublishedJan 22

Description

In Splunk Enterprise for Windows versions below 9.0.8 and 9.1.3, Splunk Enterprise does not correctly sanitize path input data. This results in the unsafe deserialization of untrusted data from a separate disk partition on the machine. This vulnerability only affects Splunk Enterprise for Windows.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:HExploitability: 2.0 | Impact: 6.0

Affected Packages2 packages

▶CVEListV5splunk/splunk_enterprise9.0 — 9.0.8+1

▶NVDsplunk/splunk9.0.0 — 9.0.8+1

🔴Vulnerability Details

CVEList

Deserialization of Untrusted Data on Splunk Enterprise for Windows through Path Traversal from Separate Disk Partition↗2024-01-22

▶

GHSA

GHSA-7fqg-p5hm-92r9: In Splunk Enterprise for Windows versions below 9↗2024-01-22

▶