PT-2022-10292 · Splunk · Splunk Enterprise
Kyle Bambrick · Published 2022-05-06 · Updated 2022-05-17
CVE-2021-33845
CVSS v3.1: 5.3 (Medium)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Name of the Vulnerable Software and Affected Versions
Splunk Enterprise versions prior to 8.1.7
Description
The Splunk Enterprise REST API allows enumeration of usernames via the lockout error message. This issue affects instances that are configured to suppress verbose login errors.
Recommendations
For versions prior to 8.1.7, update to version 8.1.7 or later to resolve the issue. As a temporary workaround, consider configuring the instance to display verbose login errors to prevent username enumeration.
Fix
Side Channel Attack
Affected Products
Splunk Enterprise