Primary

Context

Splunk Supporting Add-on for Active Directory Regular Expression Denial-of-Service Vulnerability

Vulnerability

A Regular Expression Denial-of-Service (ReDoS) vulnerability has been identified in versions 3.1.0 and earlier of the Splunk Supporting Add-on for Active Directory, also known as SA-ldapsearch. The issue arises from a vulnerable regular expression pattern that can be exploited to cause a denial-of-service condition by degrading the performance of the application.

Impact

Exploitation of this vulnerability can lead to a Regular Expression Denial-of-Service (ReDoS) condition, where an attacker can cause the application to consume excessive resources, potentially leading to degraded performance or unresponsiveness.

Remediation

Users are advised to upgrade the Splunk Supporting Add-on for Active Directory to version 3.1.1 or higher.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

5.2

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

5.2

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Splunk Supporting Add-on for Active Directory Regular Expression Denial-of-Service Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating