What is CVE-2022-32153?

CVE-2022-32153 is a high-severity vulnerability in Splunk, Inc Splunk Cloud Platform, classified under Improper Validation of Certificate with Host Mismatch. CVSS score: 8.1/10. Published 2022-06-15.

How severe is CVE-2022-32153?

High severity. CVSS v3 base score is 8.1 out of 10.

Vulnerability in Splunk, Inc Splunk Cloud Platform

CVE-2022-32153

Splunk Enterprise peers in Splunk Enterprise versions before 9.0 and Splunk Cloud Platform versions before 8.2.2203 did not validate the TLS certificates during Splunk-to-Splunk communications by default. Splunk peer communications configu…

EPSS: 0.003 (53.2th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.1 (High). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

Splunk, Inc Splunk Cloud Platform — versions 8.2
Splunk, Inc Splunk Enterprise — versions 9.0

Weakness classification (CWE)

CWE-297 — Improper Validation of Certificate with Host Mismatch

References

docs.splunk.com/Documentation/Splunk/9.0.0/Security/EnableTLSCertHostnameValida… (x_refsource_CONFIRM)
docs.splunk.com/Documentation/Splunk/9.0.0/Security/Updates (x_refsource_CONFIRM)
research.splunk.com/application/splunk_digital_certificates_infrastructure_vers… (x_refsource_CONFIRM)
research.splunk.com/application/splunk_digital_certificates_lack_of_encryption/ (x_refsource_CONFIRM)
research.splunk.com/application/splunk_protocol_impersonation_weak_encryption_s… (x_refsource_CONFIRM)
research.splunk.com/network/splunk_identified_ssl_tls_certificates/ (x_refsource_CONFIRM)
www.splunk.com/en_us/product-security/announcements/svd-2022-0603.html (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2022-32153?: CVE-2022-32153 is a high-severity vulnerability in Splunk, Inc Splunk Cloud Platform, classified under Improper Validation of Certificate with Host Mismatch. CVSS score: 8.1/10. Published 2022-06-15.
How severe is CVE-2022-32153?: High severity. CVSS v3 base score is 8.1 out of 10.