High-Severity Vulnerability Patched in Splunk Enterprise
Posted: Tue Jan 23, 2024 3:57 pm
Splunk on Monday announced patches for multiple vulnerabilities in Splunk Enterprise, including a high-severity bug affecting Windows instances.
Tracked as CVE-2024-23678, the high-severity flaw is described as an issue related to incorrect sanitization of path input data resulting in “the unsafe deserialization of untrusted data from a separate disk partition on the machine”.
Deserialization of untrusted data is a type of vulnerability allowing for the use of malformed data to cause denial of service, abuse application logic, or execute arbitrary code.
[...]
High-Severity Vulnerability Patched in Splunk Enterprise
Tracked as CVE-2024-23678, the high-severity flaw is described as an issue related to incorrect sanitization of path input data resulting in “the unsafe deserialization of untrusted data from a separate disk partition on the machine”.
Deserialization of untrusted data is a type of vulnerability allowing for the use of malformed data to cause denial of service, abuse application logic, or execute arbitrary code.
[...]
High-Severity Vulnerability Patched in Splunk Enterprise