Splunk · Splunk Enterprise · CVE-2021-32559
**Name of the Vulnerable Software and Affected Versions**
pywin32 versions prior to b301
**Description**
An integer overflow exists when adding an access control entry (ACE) to an access control list (ACL) that would cause the size to be greater than 65535 bytes. This could allow a remote attacker to crash the vulnerable process. The issue is related to the pywin32 package used in the Splunk Enterprise platform for operational analysis.
**Recommendations**
For versions prior to b301, update to version b301 or later to resolve the issue. As a temporary workaround, consider restricting the size of access control lists to prevent the integer overflow.