CVE-2022-32158

critical

Description

Splunk Enterprise deployment servers in versions before 8.1.10.1, 8.2.6.1, and 9.0 let clients deploy forwarder bundles to other deployment clients through the deployment server. An attacker that compromised a Universal Forwarder endpoint could use the vulnerability to execute arbitrary code on all other Universal Forwarder endpoints subscribed to the deployment server.

References

https://www.splunk.com/en_us/product-security/announcements/svd-2022-0608.html

https://docs.splunk.com/Documentation/Splunk/9.0.0/Security/Updates

Details

Source: Mitre, NVD

Published: 2022-06-15

Updated: 2022-07-12

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 10

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Severity: Critical

Detections

Analytics