Splunk Enterprise Certified Admin — Question 54

Consider the following Python code snippet used in a Splunk add-on: if not os.path.exists(full_path): self.doAction(full_path, header) else: f = open(full_path) oldORnew = f.readline
().split(`,`) f.close()
An attacker could create a denial of service by causing an error in either the open() or readline() commands. What type of vulnerability is this?

Answer options

• A. CWE-693: Protection Mechanism Failure
• B. CWE-562: Return of Stack Variable Address
• C. CWE-404: Improper Resource Shutdown or Release
• D. CWE-636: Not Failing Securely ('Failing Open')

Correct answer: C

Explanation

The correct answer is C, CWE-404: Improper Resource Shutdown or Release, as the code does not handle exceptions that may arise from opening or reading the file, potentially leading to a denial of service. Options A, B, and D do not accurately describe the vulnerability present in this scenario, as they relate to different failure mechanisms or security issues that are not relevant to the resource management concern here.