CVE-2021-31559

Published: May 6, 2022Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

A crafted request bypasses S2S TCP Token authentication writing arbitrary events to an index in Splunk Enterprise Indexer 8.1 versions before 8.1.5 and 8.2 versions before 8.2.1. The vulnerability impacts Indexers configured to use TCPTokens. It does not impact Universal Forwarders.

Affected (2)

Products: Splunk: Splunk

1 product

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Splunk Splunk	From 8.1.0 to 8.1.5
Splunk Splunk	Version 8.2.0

Related CWEs

Authentication Bypass Using an Alternate Path or Channel

A product requires authentication, but the product has an alternate path or channel that does not require authentication.

References (2)

https://www.splunk.com/en_us/product-security/announcements/svd-2022-0503.html

Source: prodsec@splunk.com

Vendor Advisory

https://www.splunk.com/en_us/product-security/announcements/svd-2022-0503.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.