A crafted request bypasses S2S TCP Token authentication writing arbitrary events to an index in Splunk Enterprise Indexer 8.1 versions before 8.1.5 and 8.2 versions before 8.2.1. The vulnerability impacts Indexers configured to use TCPTokens. It does not impact Universal Forwarders.
References
Link | Resource |
---|---|
https://www.splunk.com/en_us/product-security/announcements/svd-2022-0503.html | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
25 Oct 2022, 16:42
Type | Values Removed | Values Added |
---|---|---|
CWE | NVD-CWE-noinfo |
17 May 2022, 16:41
Type | Values Removed | Values Added |
---|---|---|
First Time |
Splunk
Splunk splunk |
|
References | (MISC) https://www.splunk.com/en_us/product-security/announcements/svd-2022-0503.html - Vendor Advisory | |
CWE | CWE-287 | |
CPE | cpe:2.3:a:splunk:splunk:8.2.0:*:*:*:enterprise:*:*:* cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : 5.0
v3 : 7.5 |
06 May 2022, 17:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-05-06 17:15
Updated : 2023-12-10 14:22
NVD link : CVE-2021-31559
Mitre link : CVE-2021-31559
CVE.ORG link : CVE-2021-31559
JSON object : View
Products Affected
splunk
- splunk
CWE