Vulnerability Details CVE-2022-43564
In Splunk Enterprise versions below 8.1.12, 8.2.9, and 9.0.2, a remote user who can create search macros and schedule search reports can cause a denial of service through the use of specially crafted search macros.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 48.8%
CVSS Severity
CVSS v3 Score 4.9
References
Products affected by CVE-2022-43564
-
cpe:2.3:a:splunk:splunk:8.1.0
-
cpe:2.3:a:splunk:splunk:8.1.1
-
cpe:2.3:a:splunk:splunk:8.1.2
-
cpe:2.3:a:splunk:splunk:8.1.4
-
cpe:2.3:a:splunk:splunk:8.1.5
-
cpe:2.3:a:splunk:splunk:8.1.6
-
cpe:2.3:a:splunk:splunk:8.1.7
-
cpe:2.3:a:splunk:splunk:8.2.0
-
cpe:2.3:a:splunk:splunk_cloud_platform:-
-
cpe:2.3:a:splunk:splunk_cloud_platform:8.1.2103
-
cpe:2.3:a:splunk:splunk_cloud_platform:8.2.2105
-
cpe:2.3:a:splunk:splunk_cloud_platform:8.2.2106
-
cpe:2.3:a:splunk:splunk_cloud_platform:8.2.2107
-
cpe:2.3:a:splunk:splunk_cloud_platform:8.2.2109
-
cpe:2.3:a:splunk:splunk_cloud_platform:8.2.2111
-
cpe:2.3:a:splunk:splunk_cloud_platform:8.2.2112
-
cpe:2.3:a:splunk:splunk_cloud_platform:8.2.2201
-
cpe:2.3:a:splunk:splunk_cloud_platform:8.2.2202
-
cpe:2.3:a:splunk:splunk_cloud_platform:8.2.2203