8.2.2105

DATE	CVE	VULNERABILITY TITLE	RISK
2022-06-15	CVE-2022-32154	Command Injection vulnerability in Splunk Dashboards in Splunk Enterprise versions before 9.0 might let an attacker inject risky search commands into a form token when the token is used in a query in a cross-origin request. network high complexity splunk CWE-77	4.0
2022-06-15	CVE-2022-32155	Incorrect Permission Assignment for Critical Resource vulnerability in Splunk In universal forwarder versions before 9.0, management services are available remotely by default. network low complexity splunk CWE-732	5.0