First published: Tue Aug 16 2022(Updated: )
In Splunk Enterprise and Universal Forwarder versions in the following table, indexing a specially crafted ZIP file using the file monitoring input can result in a crash of the application. Attempts to restart the application would result in a crash and would require manually removing the malformed file.
Credit: prodsec@splunk.com
Affected Software | Affected Version | How to fix |
---|---|---|
Splunk Splunk | >=8.1.0<8.1.11 | |
Splunk Splunk | >=8.2.0<8.2.7.1 | |
Splunk Universal Forwarder | >=8.1.0<8.1.11 | |
Splunk Universal Forwarder | >=8.2.0<8.2.7.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2022-37439 is medium with a severity value of 5.5.
The affected software for CVE-2022-37439 is Splunk Enterprise and Universal Forwarder versions 8.1.0 to 8.1.11 and 8.2.0 to 8.2.7.1.
CVE-2022-37439 can result in a crash of the application when indexing a specially crafted ZIP file using the file monitoring input.
To fix CVE-2022-37439, upgrade Splunk Enterprise and Universal Forwarder to versions 8.1.12 or 8.2.7.2 or later.
You can find more information about CVE-2022-37439 on the Splunk Research Portal and the Splunk Product Security Announcements page.