Splunk Exam SPLK-2001 Topic 14 Question 16 Discussion

Actual exam question for Splunk's SPLK-2001 exam

Question #: 16
Topic #: 14

Consider the following Python code snippet used in a Splunk add-on:

if not os.path.exists(full_path): self.doAction(full_path, header) else: f = open (full_path) oldORnew = f.readline().split('','') f.close()

An attacker could create a denial of service by causing an error in either the open() or readline()

commands. What type of vulnerability is this?

ACWE-693: Protection Mechanism Failure

BCWE-562: Return of Stack Variable Address

CCWE-404: Improper Resource Shutdown or Release

DCWE-636: Not Failing Securely ('Failing Open')

Show Suggested Answer

Suggested Answer: C

by Malcolm at May 03, 2022, 10:14 PM

Limited Time Offer

25%

Off

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!