CVE-2021-31559

EPSS 0.15%
Veröffentlicht 06.05.2022 17:15:08
Zuletzt bearbeitet 21.11.2024 06:05:54
Quelle prodsec@splunk.com
Teams Watchlist Login
Unerledigt Login

A crafted request bypasses S2S TCP Token authentication writing arbitrary events to an index in Splunk Enterprise Indexer 8.1 versions before 8.1.5 and 8.2 versions before 8.2.1. The vulnerability impacts Indexers configured to use TCPTokens. It does not impact Universal Forwarders.

Betroffene Produkte Warnungen 0 Metriken 4 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Splunk ≫ Splunk SwEditionenterprise Version >= 8.1.0 < 8.1.5

Splunk ≫ Splunk Version8.2.0 SwEditionenterprise

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.15%	0.356

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:P/A:N
prodsec@splunk.com	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE-288 Authentication Bypass Using an Alternate Path or Channel

The product requires authentication, but the product has an alternate path or channel that does not require authentication.

https://www.splunk.com/en_us/product-security/announcements/svd-2022-0503.html

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2021-31559

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-31559

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-31559

EUVD