3 matches found
CVE-2022-32153 Splunk Enterprise lacked TLS host name validation
Splunk Enterprise peers in Splunk Enterprise versions before 9.0 and Splunk Cloud Platform versions before 8.2.2203 did not validate the TLS certificates during Splunk-to-Splunk communications by default. Splunk peer communications configured properly with valid certificates were not vulnerable...
CVE-2022-32153
CVE-2022-32153 affects Splunk Enterprise prior to 9.0 and Splunk Cloud Platform prior to 8.2.2203, where TLS hostname validation was not performed by default for Splunk-to-Splunk communications. This allowed a scenario where an attacker with administrator credentials could add a peer with an inva...
CVE-2022-32153
Splunk Enterprise peers in Splunk Enterprise versions before 9.0 and Splunk Cloud Platform versions before 8.2.2203 did not validate the TLS certificates during Splunk-to-Splunk communications by default. Splunk peer communications configured properly with valid certificates were not vulnerable...