CVE-2024-22164 MEDIUM

CVE-2024-22164: Denial of Service of an Investigation in Splunk Enterprise Security through Investigation attachments

Vendor Splunk

Product Splunk Enterprise Security (ES)

Weakness CWE-400

Published January 9, 2024

Last update June 3, 2025

View on NVD All CVEs

CVSS base score

4.3/10

Attack vector Network

Attack complexity Low

Privileges required Low

User interaction None

Confidentiality None

Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

What the vulnerability does

01Description

In Splunk Enterprise Security (ES) versions below 7.1.2, an attacker can use investigation attachments to perform a denial of service (DoS) to the Investigation. The attachment endpoint does not properly limit the size of the request which lets an attacker cause the Investigation to become inaccessible.

Key dates

02Disclosure timeline

January 9, 2024 CVE published

June 3, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2024-22164

Related vulnerabilities

Identifiers

CVE CVE-2024-22164

CWE CWE-400

CVSS 4.3 / MEDIUM

Affected versions

Vendor Splunk

Product Splunk Enterprise Security (ES)

Affected ≥ 7.3 and < 7.3.0

Vendor Splunk

Product Splunk Enterprise Security (ES)

Affected ≥ 7.2 and < 7.2.0

Vendor Splunk

Product Splunk Enterprise Security (ES)

Affected ≥ 7.1 and < 7.1.2

CVE-2024-22164: Denial of Service of an Investigation in Splunk Enterprise Security through Investigation attachments

01Description

02Disclosure timeline

03References

04Related CVE