In Splunk Enterprise Security (ES) versions below 7.1.2, an attacker can use investigation attachments to perform a denial of service (DoS) to the Investigation. The attachment endpoint does not properly limit the size of the request which lets an attacker cause the Investigation to become inaccessible.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: Splunk

Published: 2024-01-09T17:01:07.832Z

Updated: 2024-12-10T18:00:35.306Z

Reserved: 2024-01-05T16:53:01.503Z

Link: CVE-2024-22164

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2024-01-09T17:15:12.323

Modified: 2024-11-21T08:55:43.037

Link: CVE-2024-22164

cve-icon Redhat

No data.