CVE Vulnerabilities

CVE-2021-31559

Published: May 06, 2022 | Modified: Oct 25, 2022
CVSS 3.x
7.5
HIGH
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

A crafted request bypasses S2S TCP Token authentication writing arbitrary events to an index in Splunk Enterprise Indexer 8.1 versions before 8.1.5 and 8.2 versions before 8.2.1. The vulnerability impacts Indexers configured to use TCPTokens. It does not impact Universal Forwarders.

Affected Software

Name Vendor Start Version End Version
Splunk Splunk 8.1.0 (including) 8.1.5 (excluding)
Splunk Splunk 8.2.0 (including) 8.2.0 (including)

References