The Splunk Enterprise REST API allows enumeration of usernames via the lockout error message. The potential vulnerability impacts Splunk Enterprise instances before 8.1.7 when configured to repress verbose login errors.
References
Link | Resource |
---|---|
https://research.splunk.com/application/splunk_user_enumeration_attempt/ | Vendor Advisory |
https://www.splunk.com/en_us/product-security/announcements/svd-2022-0502.html | Vendor Advisory |
Configurations
History
17 May 2022, 16:56
Type | Values Removed | Values Added |
---|---|---|
First Time |
Splunk
Splunk splunk |
|
References | (MISC) https://www.splunk.com/en_us/product-security/announcements/svd-2022-0502.html - Vendor Advisory | |
References | (MISC) https://research.splunk.com/application/splunk_user_enumeration_attempt/ - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : 5.0
v3 : 5.3 |
CWE | CWE-203 | |
CPE | cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:* |
06 May 2022, 17:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-05-06 17:15
Updated : 2023-12-10 14:22
NVD link : CVE-2021-33845
Mitre link : CVE-2021-33845
CVE.ORG link : CVE-2021-33845
JSON object : View
Products Affected
splunk
- splunk
CWE
CWE-203
Observable Discrepancy