Vulnerability Description
In Splunk Enterprise Security (ES) versions below 7.1.2, an attacker can use investigation attachments to perform a denial of service (DoS) against the Investigation. The attachment endpoint does not properly limit the size of the request, which lets an attacker cause the Investigation to become inaccessible.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Splunk | Enterprise Security | >= 7.1.0, < 7.1.2 |
Related Weaknesses (CWE)
References
- https://advisory.splunk.com/advisories/SVD-2024-0101 (Vendor Advisory)
- https://research.splunk.com/application/bb85b25e-2d6b-4e39-bd27-50db42edcb8f/ (Vendor Advisory)
FAQ
What is CVE-2024-22164?
CVE-2024-22164 is a vulnerability with a CVSS score of 4.3 (MEDIUM). In Splunk Enterprise Security (ES) versions below 7.1.2, an attacker can use investigation attachments to perform a denial of service (DoS) to the Investigation. The attachment endpoint does not prope...
How severe is CVE-2024-22164?
CVE-2024-22164 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2024-22164?
Check the references section above for vendor advisories and patch information. Affected products include: Splunk Enterprise Security.