PT-2025-3854 · Splunk · Splunk Supporting Add-On For Active Directory
Kyle Bambrick
·
Published
2025-01-15
·
Updated
2025-01-30
·
CVE-2025-0367
CVSS v2.0
6.8
Medium
| Vector | AV:N/AC:L/Au:S/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Splunk Supporting Add-on for Active Directory versions 3.1.0 and earlier
Description
A vulnerable regular expression pattern in the Splunk Supporting Add-on for Active Directory could lead to a Regular Expression Denial of Service (ReDoS) attack.
Recommendations
For versions 3.1.0 and earlier, consider updating to a version that fixes the vulnerable regular expression pattern to prevent ReDoS attacks.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
DoS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Splunk Supporting Add-On For Active Directory