ГлавнаяУязвимости → CVE-2024-23678
7.5высокая

CVE-2024-23678

Описание

In Splunk Enterprise for Windows versions below 9.0.8 and 9.1.3, Splunk Enterprise does not correctly sanitize path input data. This results in the unsafe deserialization of untrusted data from a separate disk partition on the machine. This vulnerability only affects Splunk Enterprise for Windows.

Затрагиваемое ПО
Splunk Splunk
CVSS
Балл7.5 — высокая
ВекторCVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
Источники
https://advisory.splunk.com/advisories/SVD-2024-0108https://research.splunk.com/application/947d4d2e-1b64-41fc-b32a-736ddb88ce97/https://advisory.splunk.com/advisories/SVD-2024-0108https://research.splunk.com/application/947d4d2e-1b64-41fc-b32a-736ddb88ce97/