{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2024-22164","assignerOrgId":"42b59230-ec95-491e-8425-5a5befa1a469","state":"PUBLISHED","assignerShortName":"Splunk","dateReserved":"2024-01-05T16:53:01.503Z","datePublished":"2024-01-09T17:01:07.832Z","dateUpdated":"2025-06-03T14:31:04.696Z"},"containers":{"cna":{"affected":[{"product":"Splunk Enterprise Security (ES)","vendor":"Splunk","versions":[{"version":"7.3","status":"affected","versionType":"custom","lessThan":"7.3.0"},{"version":"7.2","status":"affected","versionType":"custom","lessThan":"7.2.0"},{"version":"7.1","status":"affected","versionType":"custom","lessThan":"7.1.2"}]}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"In Splunk Enterprise Security (ES) versions below 7.1.2, an attacker can use investigation attachments to perform a denial of service (DoS) to the Investigation. The attachment endpoint does not properly limit the size of the request which lets an attacker cause the Investigation to become inaccessible."}],"value":"In Splunk Enterprise Security (ES) versions below 7.1.2, an attacker can use investigation attachments to perform a denial of service (DoS) to the Investigation. The attachment endpoint does not properly limit the size of the request which lets an attacker cause the Investigation to become inaccessible."}],"references":[{"url":"https://advisory.splunk.com/advisories/SVD-2024-0101"},{"url":"https://research.splunk.com/application/bb85b25e-2d6b-4e39-bd27-50db42edcb8f/"}],"title":"Denial of Service of an Investigation in Splunk Enterprise Security through Investigation attachments","datePublic":"2024-01-09T00:00:00.000Z","metrics":[{"cvssV3_1":{"vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","version":"3.1","baseScore":4.3,"baseSeverity":"MEDIUM"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"lang":"en","type":"cwe","description":"The software does not properly control the allocation and maintenance of a limited resource thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.","cweId":"CWE-400"}]}],"source":{"advisory":"SVD-2024-0101"},"credits":[{"lang":"en","value":"Vikram Ashtaputre, Splunk"}],"providerMetadata":{"orgId":"42b59230-ec95-491e-8425-5a5befa1a469","shortName":"Splunk","dateUpdated":"2025-02-28T11:03:48.237Z"}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-01T22:35:34.908Z"},"title":"CVE Program Container","references":[{"url":"https://advisory.splunk.com/advisories/SVD-2024-0101","tags":["x_transferred"]},{"url":"https://research.splunk.com/application/bb85b25e-2d6b-4e39-bd27-50db42edcb8f/","tags":["x_transferred"]}]},{"problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-400","lang":"en","description":"CWE-400 Uncontrolled Resource Consumption"}]}],"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-05-08T15:56:30.171752Z","id":"CVE-2024-22164","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-06-03T14:31:04.696Z"}}]}}