In Splunk Enterprise for Windows versions below 9.0.8 and 9.1.3, Splunk Enterprise does not correctly sanitize path input data. This results in the unsafe deserialization of untrusted data from a separate disk partition on the machine. This vulnerability only affects Splunk Enterprise for Windows.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: Splunk

Published: 2024-01-22T20:37:43.095Z

Updated: 2024-12-10T18:01:17.852Z

Reserved: 2024-01-19T16:28:17.341Z

Link: CVE-2024-23678

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2024-01-22T21:15:10.920

Modified: 2024-11-21T08:58:09.327

Link: CVE-2024-23678

cve-icon Redhat

No data.