Splunk ES DoS via oversized investigation attachments <7.1.2
CVE-2024-22164 Published on January 9, 2024
Denial of Service of an Investigation in Splunk Enterprise Security through Investigation attachments
In Splunk Enterprise Security (ES) versions below 7.1.2, an attacker can use investigation attachments to perform a denial of service (DoS) to the Investigation. The attachment endpoint does not properly limit the size of the request which lets an attacker cause the Investigation to become inaccessible.
Weakness Type
What is a Resource Exhaustion Vulnerability?
The software does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.
CVE-2024-22164 has been classified to as a Resource Exhaustion vulnerability or weakness.
Products Associated with CVE-2024-22164
Want to know whenever a new CVE is published for Splunk Enterprise Security? stack.watch will email you.
Affected Versions
Splunk Enterprise Security (ES):- Version 7.3 and below 7.3.0 is affected.
- Version 7.2 and below 7.2.0 is affected.
- Version 7.1 and below 7.1.2 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.