Splunk · Splunk Enterprise Indexer · CVE-2021-31559
**Name of the Vulnerable Software and Affected Versions**
Splunk Enterprise Indexer versions 8.1 through 8.1.4
Splunk Enterprise Indexer versions 8.2 through 8.2.0
**Description**
A crafted request can bypass S2S TCP Token authentication, allowing arbitrary events to be written to an index. This issue impacts Indexers configured to use TCPTokens, but it does not affect Universal Forwarders.
**Recommendations**
For versions 8.1 through 8.1.4, update to version 8.1.5 or later.
For versions 8.2 through 8.2.0, update to version 8.2.1 or later.