In Splunk Enterprise for Windows versions below 9.0.8 and 9.1.3, Splunk Enterprise does not correctly sanitize path input data. This results in the unsafe deserialization of untrusted data from a separate disk partition on the machine. This vulnerability only affects Splunk Enterprise for Windows.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Splunk
Published: 2024-01-22T20:37:43.095Z
Updated: 2024-12-10T18:01:17.852Z
Reserved: 2024-01-19T16:28:17.341Z
Link: CVE-2024-23678
Vulnrichment
No data.
NVD
Status : Modified
Published: 2024-01-22T21:15:10.920
Modified: 2024-11-21T08:58:09.327
Link: CVE-2024-23678
Redhat
No data.