In Splunk Enterprise versions lower than 8.2.12, 9.0.6, and 9.1.1, an attacker can use the printf
SPL function to perform a denial of service (DoS) against the Splunk Enterprise instance.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Splunk | Splunk | 8.2.0 (including) | 8.2.12 (excluding) |
Splunk | Splunk | 9.0.0 (including) | 9.0.6 (excluding) |
Splunk | Splunk | 9.1.0 (including) | 9.1.0 (including) |
Splunk_cloud_platform | Splunk | * | 9.0.2305.100 (including) |