Upgrade to version 8.1.2 or later, as these versions fix this issue. Splunk Enterprise versions before 8.1.2 are vulnerable to remote code execution due to a command injection issue. It is possible for a user to input commands into their Splunk installation that can allow an attacker to execute instructions within the web browser of the user.

Splunk Enterprise versions before 8.1.2 are vulnerable to remote code execution due to a command injection issue. It is possible for a user to input commands into their Splunk installation that can allow an attacker to execute instructions within the web browser of the user. Splunk Enterprise versions before 8.1.2 are vulnerable to remote code execution due to a command injection issue. It is possible for a user to input commands into their Splunk installation that can allow an attacker to execute instructions within the web browser of the user. Splunk Enterprise versions before 8.1.2 are vulnerable to remote code execution due to a command injection issue. It is possible for a user to input commands into their Splunk installation that can allow an attacker to execute instructions within the web browser of the user. Splunk Enterprise versions before 8.1.2 are vulnerable to remote code execution due to a command injection issue. It is possible for a user to input commands into their Splunk installation that can allow an attacker to execute instructions within the web browser of the user.

Vulnerability overview

A vulnerability has been identified that could allow a remote attacker to execute instructions within the web browser of an affected system.

Splunk Enterprise version prior to 8.1.2 is vulnerable to remote code execution due to a command inj uction issue. It is possible for a user to input commands into their Splunk installation that can allow an attacker to execute instructions within the web browser of the user.

Timeline

Published on: 05/06/2022 17:15:00 UTC
Last modified on: 06/02/2022 14:15:00 UTC

References