Vulnerabilities > Splunk > Splunk > 8.1.5
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-06-15 | CVE-2022-32156 | Improper Certificate Validation vulnerability in Splunk In Splunk Enterprise and Universal Forwarder versions before 9.0, the Splunk command-line interface (CLI) did not validate TLS certificates while connecting to a remote Splunk platform instance by default. | 8.1 |
2022-06-15 | CVE-2022-32157 | Missing Authentication for Critical Function vulnerability in Splunk Splunk Enterprise deployment servers in versions before 9.0 allow unauthenticated downloading of forwarder bundles. | 5.0 |
2022-06-15 | CVE-2022-32158 | Unspecified vulnerability in Splunk Splunk Enterprise deployment servers in versions before 8.1.10.1, 8.2.6.1, and 9.0 let clients deploy forwarder bundles to other deployment clients through the deployment server. | 7.5 |
2022-05-06 | CVE-2021-26253 | Unspecified vulnerability in Splunk A potential vulnerability in Splunk Enterprise's implementation of DUO MFA allows for bypassing the MFA verification in Splunk Enterprise versions before 8.1.6. network splunk | 6.8 |
2022-05-06 | CVE-2021-33845 | Information Exposure Through Discrepancy vulnerability in Splunk The Splunk Enterprise REST API allows enumeration of usernames via the lockout error message. | 5.0 |