CVE-2024-22164

Name of the Vulnerable Software and Affected Versions Splunk Enterprise Security (ES) versions prior to 7.1.2

Description The issue allows an attacker to perform a denial of service (DoS) to the Investigation by using investigation attachments. This is possible because the attachment endpoint does not properly limit the size of the request, letting an attacker cause the Investigation to become inaccessible.

Recommendations For versions prior to 7.1.2, update to version 7.1.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the attachment endpoint to minimize the risk of exploitation.