CVE-2021-31559 — HIGH (7.5)

Q: How severe is CVE-2021-31559?

CVE-2021-31559 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2021-31559?

Check the references section above for vendor advisories and patch information. Affected products include: Splunk Splunk.

Vulnerability Description

A crafted request bypasses S2S TCP Token authentication writing arbitrary events to an index in Splunk Enterprise Indexer 8.1 versions before 8.1.5 and 8.2 versions before 8.2.1. The vulnerability impacts Indexers configured to use TCPTokens. It does not impact Universal Forwarders.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

HIGH

Availability

NONE

Affected Products

Vendor	Product	Versions
Splunk	Splunk	>= 8.1.0, < 8.1.5

Related Weaknesses (CWE)

CWE-288

References

https://www.splunk.com/en_us/product-security/announcements/svd-2022-0503.htmlVendor Advisory
https://www.splunk.com/en_us/product-security/announcements/svd-2022-0503.htmlVendor Advisory

FAQ

What is CVE-2021-31559?

CVE-2021-31559 is a vulnerability with a CVSS score of 7.5 (HIGH). A crafted request bypasses S2S TCP Token authentication writing arbitrary events to an index in Splunk Enterprise Indexer 8.1 versions before 8.1.5 and 8.2 versions before 8.2.1. The vulnerability imp...

How severe is CVE-2021-31559?

CVE-2021-31559 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-31559?

Check the references section above for vendor advisories and patch information. Affected products include: Splunk Splunk.