Vulnerabilities > Splunk > Splunk Cloud Platform
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-15 | CVE-2022-32152 | Improper Certificate Validation vulnerability in Splunk Splunk Enterprise peers in Splunk Enterprise versions before 9.0 and Splunk Cloud Platform versions before 8.2.2203 did not validate the TLS certificates during Splunk-to-Splunk communications by default. | 7.2 |
| 2022-06-15 | CVE-2022-32153 | Improper Certificate Validation vulnerability in Splunk Splunk Enterprise peers in Splunk Enterprise versions before 9.0 and Splunk Cloud Platform versions before 8.2.2203 did not validate the TLS certificates during Splunk-to-Splunk communications by default. | 8.1 |
| 2022-06-15 | CVE-2022-32154 | Command Injection vulnerability in Splunk Dashboards in Splunk Enterprise versions before 9.0 might let an attacker inject risky search commands into a form token when the token is used in a query in a cross-origin request. | 8.1 |
| 2022-06-15 | CVE-2022-32155 | Incorrect Permission Assignment for Critical Resource vulnerability in Splunk In universal forwarder versions before 9.0, management services are available remotely by default. | 7.5 |