PT-2023-27528 · Splunk · Splunk Enterprise

Danylo Dmytriiev

+1

·

Publicado

2023-08-30

·

Atualizado

2024-04-10

·

CVE-2023-40594

CVSS v3.1

7.5

Alta

VetorAV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Splunk Enterprise versions prior to 8.2.12 Splunk Enterprise versions prior to 9.0.6 Splunk Enterprise versions prior to 9.1.1
Description The issue allows an attacker to perform a denial of service (DoS) against the Splunk Enterprise instance by using the printf SPL function.
Recommendations For versions prior to 8.2.12, update to version 8.2.12 or later. For versions prior to 9.0.6, update to version 9.0.6 or later. For versions prior to 9.1.1, update to version 9.1.1 or later.

Correção

DoS

Resource Exhaustion

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-400

Identificadores relacionados

CVE-2023-40594

Produtos afetados

Splunk Enterprise