Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-22164

In Splunk Enterprise Security (ES) versions below 7.1.2, an attacker can use investigation attachments to perform a denial of service (DoS) to the Investigation. The attachment endpoint does not properly limit the size of the request which lets an attacker cause the Investigation to become inaccessible.

Published

2024-01-09T17:15:12.323

Last Modified

2025-06-03T15:15:57.183

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 4.3 (MEDIUM)

Weaknesses

Type: Secondary
CWE-400
Type: Primary
CWE-770
Type: Secondary
CWE-400

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	splunk	enterprise_security	< 7.1.2	Yes

References

https://advisory.splunk.com/advisories/SVD-2024-0101 Vendor Advisory ([email protected])
https://research.splunk.com/application/bb85b25e-2d6b-4e39-bd27-50db42edcb8f/ Vendor Advisory ([email protected])
https://advisory.splunk.com/advisories/SVD-2024-0101 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://research.splunk.com/application/bb85b25e-2d6b-4e39-bd27-50db42edcb8f/ Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)