VYPR
Unrated severityNVD Advisory· Published Mar 25, 2022· Updated Aug 3, 2024

Indexer denial-of-service via malformed S2S request

CVE-2021-3422

Description

The lack of validation of a key-value field in the Splunk-to-Splunk protocol results in a denial-of-service in Splunk Enterprise instances configured to index Universal Forwarder traffic. The vulnerability impacts Splunk Enterprise versions before 7.3.9, 8.0 versions before 8.0.9, and 8.1 versions before 8.1.3. It does not impact Universal Forwarders. When Splunk forwarding is secured using TLS or a Token, the attack requires compromising the certificate or token, or both. Implementation of either or both reduces the severity to Medium.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Splunk/Splunk Enterprisellm-fuzzy2 versions
    <7.3.9, <8.0.9, <8.1.3+ 1 more
    • (no CPE)range: <7.3.9, <8.0.9, <8.1.3
    • (no CPE)range: 8.2 version(s) before 8.2.0

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.