CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2021-26253 – Bypass of Splunk Enterprise's implementation of DUO MFA
https://notcve.org/view.php?id=CVE-2021-26253
06 May 2022 — A potential vulnerability in Splunk Enterprise's implementation of DUO MFA allows for bypassing the MFA verification in Splunk Enterprise versions before 8.1.6. The potential vulnerability impacts Splunk Enterprise instances configured to use DUO MFA and does not impact or affect a DUO product or service. Una posible vulnerabilidad en la implementación de DUO MFA de Splunk Enterprise permite omitir la verificación MFA en las versiones de Splunk Enterprise anteriores a 8.1.6. La vulnerabilidad potencial afec... • https://www.splunk.com/en_us/product-security/announcements/svd-2022-0504.html • CWE-287: Improper Authentication •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-3422 – Indexer denial-of-service via malformed S2S request
https://notcve.org/view.php?id=CVE-2021-3422
25 Mar 2022 — The lack of validation of a key-value field in the Splunk-to-Splunk protocol results in a denial-of-service in Splunk Enterprise instances configured to index Universal Forwarder traffic. The vulnerability impacts Splunk Enterprise versions before 7.3.9, 8.0 versions before 8.0.9, and 8.1 versions before 8.1.3. It does not impact Universal Forwarders. When Splunk forwarding is secured using TLS or a Token, the attack requires compromising the certificate or token, or both. Implementation of either or both r... • https://claroty.com/2022/03/24/blog-research-locking-down-splunk-enterprise-indexers-and-forwarders • CWE-20: Improper Input Validation CWE-125: Out-of-bounds Read •