CVE-2021-31559

Summary

A crafted request bypasses S2S TCP Token authentication writing arbitrary events to an index in Splunk Enterprise Indexer 8.1 versions before 8.1.5 and 8.2 versions before 8.2.1. The vulnerability impacts Indexers configured to use TCPTokens. It does not impact Universal Forwarders.

Affected Software

VendorProductVersion RangeStatus
SplunkSplunk Enterprise8.2 version(s) before 8.2.1affected
SplunkSplunk EnterpriseVersion(s) before 8.1.5affected

Weaknesses

  • CWE-288: CWE-288

ADP Enrichment

CVE Program Container

Additional References

References