A crafted request bypasses S2S TCP Token authentication writing arbitrary events to an index in Splunk Enterprise Indexer 8.1 versions prior to 8.1.5 and 8.2 versions prior to 8.2.1. The vulnerability impacts Indexers configured to use TCPTokens. It does not impact Universal Forwarders.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
splunk splunk |
||
splunk splunk 8.2.0 |