Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistSplunkCVELIST:CVE-2022-32154
HistoryJun 14, 2022 - 12:00 a.m.

CVE-2022-32154 Risky commands warnings in Splunk Enterprise Dashboards

2022-06-1400:00:00
CWE-20
Splunk
www.cve.org

6.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

8.5 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

68.0%

JSON

Dashboards in Splunk Enterprise versions before 9.0 might let an attacker inject risky search commands into a form token when the token is used in a query in a cross-origin request. The result bypasses SPL safeguards for risky commands. See New capabilities can limit access to some custom and potentially risky commands (https://docs.splunk.com/Documentation/Splunk/9.0.0/Security/SPLsafeguards#New_capabilities_can_limit_access_to_some_custom_and_potentially_risky_commands) for more information. Note that the attack is browser-based and an attacker cannot exploit it at will.

CNA Affected

[
  {
    "product": "Splunk Enterprise",
    "vendor": "Splunk, Inc",
    "versions": [
      {
        "lessThan": "9.0",
        "status": "affected",
        "version": "9.0",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "Splunk Cloud Platform",
    "vendor": "Splunk, Inc",
    "versions": [
      {
        "lessThan": "8.2.2106",
        "status": "affected",
        "version": "8.2",
        "versionType": "custom"
      }
    ]
  }
]

Related

prion 1
cve 1
cnvd 1
nvd 1
nessus 1
prion
prion
Design/Logic Flaw
2022-06-15 17:15:00
cve
cve
CVE-2022-32154
2022-06-15 17:15:09
cnvd
cnvd
Splunk Command Injection Vulnerability
2022-06-24 00:00:00
nvd
nvd
CVE-2022-32154
2022-06-15 17:15:09
nessus
nessus
Splunk Enterprise < 9.0 Multiple Vulnerabilities
2022-08-11 00:00:00

6.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

8.5 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

68.0%

JSON
Related for CVELIST:CVE-2022-32154
prion1cve1cnvd1nvd1nessus1