Vulnerabilities > CVE-2022-37439 - Unspecified vulnerability in Splunk and Universal Forwarder
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
In Splunk Enterprise and Universal Forwarder versions in the following table, indexing a specially crafted ZIP file using the file monitoring input can result in a crash of the application. Attempts to restart the application would result in a crash and would require manually removing the malformed file.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 12 |
References
- https://research.splunk.com/application/b237d393-2f57-4531-aad7-ad3c17c8b041
- https://www.splunk.com/en_us/product-security/announcements/svd-2022-0803.html
- https://research.splunk.com/application/b237d393-2f57-4531-aad7-ad3c17c8b041
- https://www.splunk.com/en_us/product-security/announcements/svd-2022-0803.html