Splunk Inc Splunk Cloud Platform vulnerabilities

CVE-2022-32151 [CRITICAL] CWE-295 CVE-2022-32151: The httplib and urllib Python libraries that Splunk shipped with Splunk Enterprise did not validate The httplib and urllib Python libraries that Splunk shipped with Splunk Enterprise did not validate certificates using the certificate authority (CA) certificate stores by default in Splunk Enterprise versions before 9.0 and Splunk Cloud Platform versions before 8.2.2203. Python 3 client libraries now verify server certificates by default and use t

CVE-2022-32154 [HIGH] CWE-20 CVE-2022-32154: Dashboards in Splunk Enterprise versions before 9.0 might let an attacker inject risky search comman Dashboards in Splunk Enterprise versions before 9.0 might let an attacker inject risky search commands into a form token when the token is used in a query in a cross-origin request. The result bypasses SPL safeguards for risky commands. See New capabilities can limit access to some custom and potentially risky commands (https://docs.splunk.com/Document

CVE-2022-32153 [HIGH] CWE-297 CVE-2022-32153: Splunk Enterprise peers in Splunk Enterprise versions before 9.0 and Splunk Cloud Platform versions Splunk Enterprise peers in Splunk Enterprise versions before 9.0 and Splunk Cloud Platform versions before 8.2.2203 did not validate the TLS certificates during Splunk-to-Splunk communications by default. Splunk peer communications configured properly with valid certificates were not vulnerable. However, an attacker with administrator credentials could