Splunk Alert
2442Warning Date
Severity Level
Warning Number
Target Sector
28 June, 2022
● High
2022-5010
All
Description:
Splunk has released security updates to address a vulnerabilities in the following products:
- Splunk Enterprise
- Versions before 9.0
- Splunk Cloud Platform
- Versions before 8.2.2203
Threats:
Attacker could exploit these vulnerabilities by doing the following:
- Execute arbitrary code
- Improper validation of the TLS certificates
Best practice and Recommendations:
The CERT team encourages users to review Splunk security advisory and apply the necessary updates:
- https://www.splunk.com/en_us/product-security/announcements/svd-2022-0601.html
- https://www.splunk.com/en_us/product-security/announcements/svd-2022-0602.html
- https://www.splunk.com/en_us/product-security/announcements/svd-2022-0603.html
- https://www.splunk.com/en_us/product-security/announcements/svd-2022-0606.html
- https://www.splunk.com/en_us/product-security/announcements/svd-2022-0607.html
- https://www.splunk.com/en_us/product-security/announcements/svd-2022-0608.html