CVE-2024-23678 HIGH

CVE-2024-23678: Deserialization of Untrusted Data on Splunk Enterprise for Windows through Path Traversal from Separate Disk Partition

Vendor Splunk
Product Splunk Enterprise
Weakness CWE-20 · Input validation
Published January 22, 2024
Last update June 17, 2025

CVSS base score

7.5/10
Attack vector Local
Attack complexity High
Privileges required Low
User interaction Required
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H

What the vulnerability does

01 Description

In Splunk Enterprise for Windows versions below 9.0.8 and 9.1.3, Splunk Enterprise does not correctly sanitize path input data. This results in the unsafe deserialization of untrusted data from a separate disk partition on the machine. This vulnerability only affects Splunk Enterprise for Windows.

Key dates

02 Disclosure timeline

January 22, 2024 CVE published
June 17, 2025 Record updated