Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Vulnerabilities

High-Severity Vulnerability Patched in Splunk Enterprise

The latest Splunk Enterprise releases patch multiple vulnerabilities, including a high-severity flaw in the Windows version.

Splunk on Monday announced patches for multiple vulnerabilities in Splunk Enterprise, including a high-severity bug affecting Windows instances.

Tracked as CVE-2024-23678, the high-severity flaw is described as an issue related to incorrect sanitization of path input data resulting in “the unsafe deserialization of untrusted data from a separate disk partition on the machine”.

Deserialization of untrusted data is a type of vulnerability allowing for the use of malformed data to cause denial of service, abuse application logic, or execute arbitrary code.

CVE-2024-23678, Splunk notes in its advisory, only impacts Splunk Enterprise for Windows. The security defect was resolved in Splunk Enterprise versions 9.0.8 and 9.1.3.

The same releases resolve several other medium-severity vulnerabilities and multiple flaws in third-party packages used within the data monitoring and analysis solution.

The first of these exists because the Splunk app key value store (KV Store) improperly handles permissions for using the REST API, potentially leading to the deletion of KV Store collections.

Another issue allows a low-privileged user to view metrics without permissions, while the third impacts the Splunk RapidDiag utility, which discloses server responses to certain requests in a log file, potentially exposing sensitive information.

The patches for third-party packages resolve a total of ten vulnerabilities, including four rated ‘critical’ severity and four rated ‘high’.

Advertisement. Scroll to continue reading.

Splunk recommends that all customers upgrade their Splunk Enterprise installations to version 9.0.8, 9.1.3, or higher. The company makes no mention of any of these security issues being exploited in malicious attacks.

Additional information on the resolved vulnerabilities can be found on Splunk’s security advisories page.

Related: Intel, AMD, Zoom, Splunk Release Patch Tuesday Security Advisories

Related: Splunk Patches High-Severity Flaws in Enterprise, IT Service Intelligence

Related: High-Severity Vulnerabilities Patched in Splunk Enterprise

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Gain valuable insights from industry professionals who will help guide you through the intricacies of industrial cybersecurity.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Vulnerabilities

Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

IoT Security

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...

Vulnerabilities

A researcher at IOActive discovered that home security systems from SimpliSafe are plagued by a vulnerability that allows tech savvy burglars to remotely disable...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.

Vulnerabilities

Patch Tuesday: Microsoft warns vulnerability (CVE-2023-23397) could lead to exploitation before an email is viewed in the Preview Pane.

Vulnerabilities

The latest Chrome update brings patches for eight vulnerabilities, including seven reported by external researchers.