3 matches found
Splunk Enterprise 9.0.0 < 9.0.1 (SVD-2022-0801)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2022-0801 advisory. - When using Ingest Actions to configure a destination that resides on Amazon Simple Storage Service S3 in Splunk Web, TLS...
CVE-2022-37437 Ingest Actions UI in Splunk Enterprise 9.0.0 disabled TLS certificate validation
When using Ingest Actions to configure a destination that resides on Amazon Simple Storage Service S3 in Splunk Web, TLS certificate validation is not correctly performed and tested for the destination. The vulnerability only affects connections between Splunk Enterprise and an Ingest Actions...
CVE-2022-37437
Summary: CVE-2022-37437 affects Splunk Enterprise 9.0.0 when using Ingest Actions to configure an S3 destination via Splunk Web. The root cause is that TLS certificate validation is not correctly performed and tested for the destination, and this only impacts connections through Splunk Web with T...