Key Vulnerability Information

Advisory ID: SVD-2024-0108
CVE ID: CVE-2024-23678
Published: 2024-01-22
Last Update: 2024-01-30
CVSSv3.1 Score: 7.5, High
CWE: CWE-20
Bug ID: SPL-240674

Description

In Splunk Enterprise for Windows versions below 9.0.8 and 9.1.3, Splunk Enterprise does not correctly sanitize path input data. This results in the unsafe deserialization of untrusted data from a separate disk partition on the machine. This vulnerability only affects Splunk Enterprise for Windows.

Solution

Upgrade Splunk Enterprise for Windows to 9.0.8, 9.1.3, or higher.

Product Status

Mitigations and Workarounds

If users do not log in to Splunk Web on instances in a distributed environment, disable Splunk Web on those instances.

Severity

Splunk rates this vulnerability a 7.5, High, with a CVSSv3.1 vector of CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H. If you do not run Splunk Enterprise on a Windows machine, then there is no impact and the severity is Informational.
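An added example (not part of the Splunk advisory): a fleet triage check that applies the advisory's fixed versions, Windows-only scope and Splunk Web workaround to an inventory. The inventory records, field names and status labels are constructed assumptions, as is treating releases older than 9.0 as affected and branches newer than 9.1 as fixed.

```python
import re

# Fixed releases per branch, taken from the advisory's Solution section.
FIXED = {(9, 0): (9, 0, 8), (9, 1): (9, 1, 3)}

def parse_version(text):
    """Turn '9.1.2' or '9.1.2-build' into a tuple of its first three numbers."""
    nums = re.findall(r"\d+", text)[:3]
    if len(nums) < 2:
        raise ValueError(f"unparseable version: {text!r}")
    return tuple(int(n) for n in nums) + (0,) * (3 - len(nums))

def triage(host):
    """Return (status, reason) for one inventory record (hypothetical schema)."""
    if host["os"].lower() != "windows":
        return "informational", "not Windows; advisory states no impact"
    try:
        ver = parse_version(host["version"])
    except ValueError as exc:
        return "unknown", str(exc)
    fixed = FIXED.get(ver[:2])
    # Assumption: pre-9.0 releases count as "below 9.0.8"; branches after 9.1 carry the fix.
    affected = ver < fixed if fixed else ver < (9, 0, 8)
    if not affected:
        return "patched", "at or above the fixed release for its branch"
    if not host["splunk_web"]:
        return "workaround-applied", "affected version, Splunk Web disabled; upgrade still required"
    return "vulnerable", "affected version with Splunk Web enabled"

# Constructed sample inventory, not real hosts.
INVENTORY = [
    {"host": "idx-01", "os": "Windows", "version": "9.0.7", "splunk_web": False},
    {"host": "sh-01", "os": "Windows", "version": "9.1.2", "splunk_web": True},
    {"host": "sh-02", "os": "Windows", "version": "9.1.3", "splunk_web": True},
    {"host": "hf-01", "os": "Linux", "version": "9.0.5", "splunk_web": True},
]

if __name__ == "__main__":
    for record in INVENTORY:
        status, reason = triage(record)
        print(f"{record['host']:8} {record['version']:8} {status:20} {reason}")
```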