Unrated severityNVD Advisory· Published Jun 15, 2022· Updated Sep 17, 2024
Splunk Enterprise deployment servers allow client publishing of forwarder bundles
CVE-2022-32158
Description
Splunk Enterprise deployment servers in versions before 8.1.10.1, 8.2.6.1, and 9.0 let clients deploy forwarder bundles to other deployment clients through the deployment server. An attacker that compromised a Universal Forwarder endpoint could use the vulnerability to execute arbitrary code on all other Universal Forwarder endpoints subscribed to the deployment server.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <8.1.10.1, <8.2.6.1, <9.0
- Splunk, Inc/Splunk Enterprisev5Range: 9.0
Patches
Vulnerability mechanics
References
2- docs.splunk.com/Documentation/Splunk/9.0.0/Security/Updatesmitrex_refsource_CONFIRM
- www.splunk.com/en_us/product-security/announcements/svd-2022-0608.htmlmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.