The vulnerability of the information extraction application for Active Directory in Splunk’s Supporting Add-on for Active Directory lies in the use of a regular expression with high computational complexity, which can lead to service interruptions.

The vulnerability of the Active Directory data extraction application “Splunk Supporting Add-on for Active Directory” is related to the use of a regular expression with high computational complexity. Exploiting this vulnerability could allow an attacker to cause a service failure...

CVE-2025-0367 Regular Expression Denial of Service (ReDoS) in Splunk Supporting Add-on for Active Directory (SA-ldapsearch)

In versions 3.1.0 and lower of the Splunk Supporting Add-on for Active Directory, also known as SA-ldapsearch, a vulnerable regular expression pattern could lead to a Regular Expression Denial of Service ReDoS attack...

CVE-2025-0367

CVE-2025-0367 affects the Splunk Supporting Add-on for Active Directory (SA-ldapsearch). The vulnerable component is a regular expression pattern in versions 3.1.0 and earlier, which can be exploited to trigger a Regular Expression Denial of Service (ReDoS). Public records indicate a potential im...