VYPR
Unrated severityNVD Advisory· Published May 6, 2022· Updated Aug 3, 2024

S2S TcpToken authentication bypass

CVE-2021-31559

Description

A crafted request bypasses S2S TCP Token authentication writing arbitrary events to an index in Splunk Enterprise Indexer 8.1 versions before 8.1.5 and 8.2 versions before 8.2.1. The vulnerability impacts Indexers configured to use TCPTokens. It does not impact Universal Forwarders.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Splunk/Splunk Enterprisellm-fuzzy2 versions
    <=8.1.4, <=8.2.0+ 1 more
    • (no CPE)range: <=8.1.4, <=8.2.0
    • (no CPE)range: 8.2 version(s) before 8.2.1

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.