Splunk on Monday announced patches for multiple vulnerabilities in Splunk Enterprise, including a high-severity bug affecting Windows instances.
Tracked as CVE-2024-23678, the high-severity flaw is described as an issue related to incorrect sanitization of path input data resulting in “the unsafe deserialization of untrusted data from a separate disk partition on the machine”.
Deserialization of untrusted data is a type of vulnerability allowing for the use of malformed data to cause denial of service, abuse application logic, or execute arbitrary code.
[...]
High-Severity Vulnerability Patched in Splunk Enterprise
High-Severity Vulnerability Patched in Splunk Enterprise
-
rbc
- President
- Posts: 291
- Joined: Mon Oct 30, 2023 1:32 am
- Location: Vicksburg, MS
- ISC2 Member Status: Yes
- Contact:
High-Severity Vulnerability Patched in Splunk Enterprise
Robert B. Carleton + ISC2 Central Mississippi President