PT-2021-8043 · Splunk · Splunk Enterprise

Joshua-Triplett-Mandiant

Published

2021-07-06

Updated

2025-03-27

CVE-2021-32559

CVSS v4.0

7.1

High

Vector

AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions pywin32 versions prior to b301

Description An integer overflow exists when adding an access control entry (ACE) to an access control list (ACL) that would cause the size to be greater than 65535 bytes. This could allow a remote attacker to crash the vulnerable process. The issue is related to the pywin32 package used in the Splunk Enterprise platform for operational analysis.

Recommendations For versions prior to b301, update to version b301 or later to resolve the issue. As a temporary workaround, consider restricting the size of access control lists to prevent the integer overflow.

Fix

Integer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-190

Related Identifiers

BDU:2024-04290

CVE-2021-32559

GHSA-HWFP-HG2M-9VR2

PYSEC-2021-112

Affected Products

Splunk Enterprise

PT-2021-8043 · Splunk · Splunk Enterprise

CVE-2021-32559

Weakness Enumeration

Related Identifiers

Affected Products

References · 18