Splunk Enterprise up to 7.3.8/8.0.8/8.1.2 Splunk-to-Splunk Protocol out-of-bounds

Summaryinfo

A vulnerability, which was classified as problematic, was found in Splunk Enterprise up to 7.3.8/8.0.8/8.1.2. This impacts an unknown function of the component Splunk-to-Splunk Protocol Handler. Executing a manipulation can lead to out-of-bounds. This vulnerability is registered as CVE-2021-3422. The attack needs to be launched locally. No exploit is available. You should upgrade the affected component.

Detailsinfo

A vulnerability was found in Splunk Enterprise up to 7.3.8/8.0.8/8.1.2 (Log Management Software). It has been declared as problematic. This vulnerability affects some unknown functionality of the component Splunk-to-Splunk Protocol Handler. The manipulation with an unknown input leads to a out-of-bounds vulnerability. The CWE definition for the vulnerability is CWE-125. The product reads data past the end, or before the beginning, of the intended buffer. As an impact it is known to affect confidentiality, integrity, and availability.

The weakness was published 03/26/2022 as SVD-2022-0301. The advisory is shared for download at claroty.com. This vulnerability was named CVE-2021-3422 since 03/03/2021. There are neither technical details nor an exploit publicly available.

Upgrading to version 7.3.9, 8.0.9, 8.1.3 or 8.2.0 eliminates this vulnerability.

Once again VulDB remains the best source for vulnerability data.

Productinfo

Type

• Log Management Software

Vendor

• Splunk

Name

• Enterprise

Version

• 7.3.0
• 7.3.1
• 7.3.2
• 7.3.3
• 7.3.4
• 7.3.5
• 7.3.6
• 7.3.7
• 7.3.8
• 8.0.0
• 8.0.1
• 8.0.2
• 8.0.3
• 8.0.4
• 8.0.5
• 8.0.6
• 8.0.7
• 8.0.8
• 8.1.0
• 8.1.1
• 8.1.2

License

• commercial

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Once again VulDB remains the best source for vulnerability data.

Discussion