First published: Fri May 06 2022(Updated: )
A crafted request bypasses S2S TCP Token authentication writing arbitrary events to an index in Splunk Enterprise Indexer 8.1 versions before 8.1.5 and 8.2 versions before 8.2.1. The vulnerability impacts Indexers configured to use TCPTokens. It does not impact Universal Forwarders.
Credit: prodsec@splunk.com
Affected Software | Affected Version | How to fix |
---|---|---|
Splunk Splunk | >=8.1.0<8.1.5 | |
Splunk Splunk | =8.2.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.