CVE-2021-33845: Observable Discrepancy in Splunk

Severity: 5.3 MEDIUM (NVD)
EPSS: 0.3% (top 47.40%)
CISA KEV: Not in KEV
Exploit: No known exploits
Affected products
Timeline
Published: May 6
Latest update: May 7

Description

The Splunk Enterprise REST API allows enumeration of usernames via the lockout error message. The potential vulnerability impacts Splunk Enterprise instances before 8.1.7 when configured to repress verbose login errors.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Exploitability: 3.9 | Impact: 1.4

Affected Packages (2 packages)

CVEListV5: splunk/splunk_enterprise, version(s) before 8.1.7
NVD: splunk/splunk, 8.1.0 – 8.1.7

Vulnerability Details (2)

GHSA: GHSA-8h69-rhj2-r69p: The Splunk Enterprise REST API allows enumeration of usernames via the lockout error message (2022-05-07)
CVEList: Username enumeration through lockout message in REST API (2022-05-06)