CVE-2022-32156
CVE-2022-32156 affects Splunk Enterprise and Universal Forwarder prior to 9.0, where the CLI did not validate TLS certificates when connecting to a remote Splunk platform. The issue’s root cause is missing TLS host-name validation by default, potentially enabling misconfigured nodes to bypass val...