3 matches found
Splunk Enterprise Deployment Server < 9.0 Improper Authorization
The version of Splunk Enterprise installed on the remote host is prior to 9.0. It may, therefore, be affected by an improper authorization vulnerability if the Deployment Server component is in use where forwarder bundles can be downloaded without authentication. Note that Nessus has not tested f...
CVE-2022-32157
CVE-2022-32157 concerns Splunk Enterprise deployment servers running versions before 9.0, which allow unauthenticated downloading of forwarder bundles. The root cause is improper access control on the Deployment Server component, leading to exposure of forwarder bundles to unauthenticated clients...
CVE-2022-32157 Splunk Enterprise deployment servers allow unauthenticated forwarder bundle downloads
Splunk Enterprise deployment servers in versions before 9.0 allow unauthenticated downloading of forwarder bundles. Remediation requires you to update the deployment server to version 9.0 and Configure authentication for deployment servers and clients...