Security Vulnerabilities - CVEs Published In May 2022
Reflected Cross-Site Scripting (XSS) vulnerability in Adam Skaat's Countdown & Clock plugin on WordPress via &ycd_type vulnerable parameter.
CVSS Score
4.7
EPSS Score
0.002
Published
2022-05-06
A potential vulnerability in Splunk Enterprise's implementation of DUO MFA allows for bypassing the MFA verification in Splunk Enterprise versions before 8.1.6. The potential vulnerability impacts Splunk Enterprise instances configured to use DUO MFA and does not impact or affect a DUO product or service.
CVSS Score
8.1
EPSS Score
0.002
Published
2022-05-06
A crafted request bypasses S2S TCP Token authentication writing arbitrary events to an index in Splunk Enterprise Indexer 8.1 versions before 8.1.5 and 8.2 versions before 8.2.1. The vulnerability impacts Indexers configured to use TCPTokens. It does not impact Universal Forwarders.
CVSS Score
7.5
EPSS Score
0.002
Published
2022-05-06
The Splunk Enterprise REST API allows enumeration of usernames via the lockout error message. The potential vulnerability impacts Splunk Enterprise instances before 8.1.7 when configured to repress verbose login errors.
CVSS Score
5.3
EPSS Score
0.003
Published
2022-05-06
Stored Cross-Site Scripting (XSS) vulnerability in Andrea Pernici News Sitemap for Google plugin <= 1.0.16 on WordPress, attackers must have contributor or higher user role.
CVSS Score
5.4
EPSS Score
0.002
Published
2022-05-06
A misconfiguration in the node default path allows for local privilege escalation from a lower privileged user to the Splunk user in Splunk Enterprise versions before 8.1.1 on Windows.
CVSS Score
8.8
EPSS Score
0.001
Published
2022-05-06
Keylime does not enforce that the agent registrar data is the same when the tenant uses it for validation of the EK and identity quote and the verifier for validating the integrity quote. This allows an attacker to use one AK, EK pair from a real TPM to pass EK validation and give the verifier an AK of a software TPM. A successful attack breaks the entire chain of trust because a not validated AK is used by the verifier. This issue is worse if the validation happens first and then the agent gets added to the verifier because the timing is easier and the verifier does not validate the regcount entry being equal to 1,
CVSS Score
9.1
EPSS Score
0.005
Published
2022-05-06
When handling a mismatched pre-authentication cookie, the application leaks the internal error message in the response, which contains the Splunk Enterprise local system path. The vulnerability impacts Splunk Enterprise versions before 8.1.0.
CVSS Score
4.3
EPSS Score
0.003
Published
2022-05-06
In Splunk Enterprise versions before 8.1.2, the uri path to load a relative resource within a web page is vulnerable to path traversal. It allows an attacker to potentially inject arbitrary content into the web page (e.g., HTML Injection, XSS) or bypass SPL safeguards for risky commands. The attack is browser-based. An attacker cannot exploit the attack at will and requires the attacker to initiate a request within the victim's browser (e.g., phishing).
CVSS Score
8.8
EPSS Score
0.001
Published
2022-05-06
The Monitoring Console app configured in Distributed mode allows for a Reflected XSS in a query parameter in Splunk Enterprise versions before 8.1.4. The Monitoring Console app is a bundled app included in Splunk Enterprise, not for download on SplunkBase, and not installed on Splunk Cloud Platform instances. Note that the Cloud Monitoring Console is not impacted.
CVSS Score
8.8
EPSS Score
0.006
Published
2022-05-06