2 matches found
CVE-2022-32156 Splunk Enterprise and Universal Forwarder CLI connections lacked TLS cert validation
In Splunk Enterprise and Universal Forwarder versions before 9.0, the Splunk command-line interface CLI did not validate TLS certificates while connecting to a remote Splunk platform instance by default. After updating to version 9.0, see Configure TLS host name validation for the Splunk CLI...
CVE-2022-32156
CVE-2022-32156 affects Splunk Enterprise and Universal Forwarder prior to 9.0, where the CLI did not validate TLS certificates when connecting to a remote Splunk platform. The issue’s root cause is missing TLS host-name validation by default, potentially enabling misconfigured nodes to bypass val...