Splunk addressed multiple vulnerabilities in Splunk Enterprise, including a high-severity flaw impacting Windows installs.
Splunk addressed multiple vulnerabilities in Splunk Enterprise, including a high-severity flaw, tracked as CVE-2024-23678 (CVSS score 7.5), impacting the Windows version.
According to the advisory, Splunk Enterprise for Windows versions below 9.0.8 and 9.1.3 does not correctly sanitize path input data. This results in the unsafe deserialization of untrusted data from a separate disk partition on the machine.
This vulnerability only affects Splunk Enterprise for Windows.
Customers are recommended to upgrade versions 9.0.8, 9.1.3, or higher. The vendor pointed out that the vulnerability does not affect the Cloud Platform.
The issue was discovered by Danylo Dmytriiev (DDV_UA).
The company did not reveal if it is aware of attacks in the wild exploiting this vulnerability.
Below are other vulnerabilities addressed by the company: