Denial-of-Service Vulnerability in Splunk Enterprise Versions Below 8.2.9, 8.1.12, and 9.0.2

Denial-of-Service Vulnerability in Splunk Enterprise Versions Below 8.2.9, 8.1.12, and 9.0.2

CVE-2022-43572 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

In Splunk Enterprise versions below 8.2.9, 8.1.12, and 9.0.2, sending a malformed file through the Splunk-to-Splunk (S2S) or HTTP Event Collector (HEC) protocols to an indexer results in a blockage or denial-of-service preventing further indexing.

Learn more about our Web Application Penetration Testing UK.