CVE-2024-22165

Summary

CVE-2024-22165 is a denial-of-service (DoS) vulnerability affecting Splunk Enterprise Security (ES) versions below 7.1.2. An authenticated attacker can create a malformed investigation, leading to the unavailability of the Investigations manager. This renders the Investigations functionality unusable for most users, impacting their ability to conduct investigations and monitor security events effectively. The vulnerability necessitates an authenticated session and access to create an investigation, posing a threat to organizations relying on Splunk ES for security monitoring and analysis.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.