cbcvebase.
CVE-2022-37439
published 2022-08-16

CVE-2022-37439: In Splunk Enterprise and Universal Forwarder versions in the following table, indexing a specially crafted ZIP file using the file monitoring input can result…

PriorityP421medium5.5CVSS 3.1
AVLACLPRLUINSUCNINAH
EPSS
0.19%
9.0th percentile
In Splunk Enterprise and Universal Forwarder versions in the following table, indexing a specially crafted ZIP file using the file monitoring input can result in a crash of the application. Attempts to restart the application would result in a crash and would require manually removing the malformed file.

Affected

8 ranges
VendorProductVersion rangeFixed in
splunksplunk>= 8.1.0 < 8.1.118.1.11
splunksplunk>= 8.2.0 < 8.2.7.18.2.7.1
splunksplunk_enterprise>= 8.1 < 8.1.118.1.11
splunksplunk_enterprise>= 8.2 < 8.2.7.18.2.7.1
splunkuniversal_forwarder>= 8.1.0 < 8.1.118.1.11
splunkuniversal_forwarder>= 8.2.0 < 8.2.7.18.2.7.1
splunkuniversal_forwarders
splunkuniversal_forwarders>= 8.2 < 8.2.7.18.2.7.1
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.