Splunk addressed a high-severity flaw, CVE-2024-23678 (CVSS 7.5), in Splunk Enterprise for Windows below versions 9.0.8 and 9.1.3. The vulnerability arises from incorrect path input data sanitization, leading to unsafe deserialization of untrusted data. This flaw could allow the execution of malicious code on the system. The vulnerability doesn’t impact the Cloud Platform. The advice is to promptly apply security patches.
You Might Be Interested In
- Report Criticizes Microsoft: Security Missteps in Chinese Cyberattack
- LockBit Maintains Relevance with Latest Update
- Hackers Providing Access to 3000 Fortinet SSL-VPN Systems
- Fortinet Alerts Users to Critical SQL Injection Vulnerability
- CISA’s New Guidance Aims to Improve SBOM Implementation
- SEC X Account Hacked, Pushing Fake Bitcoin News