Vulnerability Description
In Splunk Enterprise and Universal Forwarder versions in the following table, indexing a specially crafted ZIP file using the file monitoring input can result in a crash of the application. Attempts to restart the application would result in a crash and would require manually removing the malformed file.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Splunk | Splunk | >= 8.1.0, < 8.1.11 |
| Splunk | Universal Forwarder | >= 8.1.0, < 8.1.11 |
Related Weaknesses (CWE)
References
- https://research.splunk.com/application/b237d393-2f57-4531-aad7-ad3c17c8b041Vendor Advisory
- https://www.splunk.com/en_us/product-security/announcements/svd-2022-0803.htmlVendor Advisory
- https://research.splunk.com/application/b237d393-2f57-4531-aad7-ad3c17c8b041Vendor Advisory
- https://www.splunk.com/en_us/product-security/announcements/svd-2022-0803.htmlVendor Advisory
FAQ
What is CVE-2022-37439?
CVE-2022-37439 is a vulnerability with a CVSS score of 5.5 (MEDIUM). In Splunk Enterprise and Universal Forwarder versions in the following table, indexing a specially crafted ZIP file using the file monitoring input can result in a crash of the application. Attempts t...
How severe is CVE-2022-37439?
CVE-2022-37439 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-37439?
Check the references section above for vendor advisories and patch information. Affected products include: Splunk Splunk, Splunk Universal Forwarder.