In the middle of June, Splunk released patches to fix cross-site scripting vulnerabilities across the organization. However, a critical issue also leads to arbitrary code execution.
What is the Splunk critical vulnerability?
The deployment server enables you to build configuration bundles that agents across the company can download automatically. These configurations also contain binary packages.
An administrator controls which agents a deployment server targets by IP address, DNS name, or architecture. By default, most of the agents run as SYSTEM on Windows.
Splunk disclosed a new critical-severity vulnerability, CVE-2022-32158, with a CVSS score of 9.0. It lets clients use the deployment server to distribute forwarder bundles to other clients.
There is a risk that an attacker could compromise a Universal Forwarder endpoint and abuse it to execute arbitrary code on other endpoints connected to the deployment server. Splunk has fixed the cross-site scripting vulnerabilities by releasing Enterprise deployment server version 9.0 and is urging customers to update to 9.0.
The company has also announced that it has resolved many high-severity bugs in its Enterprise product. Version 9.0 enables the forwarder bundles to be downloaded without evidence.
Remediation requires updating all Universal Forwarders that the deployment server manages to version 9.0 or higher before enabling the remediation. Splunk's cloud platform is not affected by these vulnerabilities because it does not use deployment servers.
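The update-before-enable ordering described above can be checked mechanically. The following is an added example, not Splunk's or ESOF's code: it reads a constructed forwarder inventory (the hostnames and CSV column names are hypothetical) and lists every forwarder that is below 9.0 or whose version cannot be confirmed, comparing versions numerically so that 10.x is not mistaken for older than 9.0.

```python
import csv
import io

MIN_VERSION = (9, 0)  # threshold stated in the article

# Constructed sample inventory; hostnames and column names are hypothetical.
SAMPLE_INVENTORY = """hostname,version
web-01,9.0.0
db-01,8.2.6.1
app-01,10.0.1
hr-laptop-07,
build-02,9.0
legacy-03,7.3.9-beta
"""

def parse_version(text):
    """Return a tuple of ints, or None if the version is missing or malformed."""
    parts = text.strip().split(".")
    if not text.strip() or not all(p.isdecimal() for p in parts):
        return None
    return tuple(int(p) for p in parts)

def blocking_forwarders(inventory_csv, minimum=MIN_VERSION):
    """List (hostname, reason) for every forwarder that blocks remediation."""
    floor = ".".join(str(n) for n in minimum)
    blockers = []
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        raw = (row.get("version") or "").strip()
        version = parse_version(raw)
        if version is None:
            # Unknown versions fail closed: treat them as not yet updated.
            blockers.append((row["hostname"], f"unverified version {raw!r}"))
        elif version < minimum:
            blockers.append((row["hostname"], f"{raw} is below {floor}"))
    return blockers

def safe_to_enable(inventory_csv, minimum=MIN_VERSION):
    """True only when every managed forwarder is confirmed at or above minimum."""
    return not blocking_forwarders(inventory_csv, minimum)

if __name__ == "__main__":
    for host, reason in blocking_forwarders(SAMPLE_INVENTORY):
        print(f"BLOCKED by {host}: {reason}")
    print("safe to enable remediation:", safe_to_enable(SAMPLE_INVENTORY))
```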
How can ESOF fix the cross-site scripting vulnerabilities?
The fix for CVE-2022-32158 is to update your system to version 9.0, which is way too old. There is no other solution to this problem; that means you will be affected by it. However, the ESOF Next-Gen platform can help in fixing the cross-site scripting vulnerabilities.
ESOF helps find vulnerabilities in situations where products like Splunk are exposed to these types of vulnerabilities or risks. It provides a Cyber Risk Score for these types of exposures or threats. The cyber score helps in understanding the cyber security posture.
ESOF has a one-click notification feature that lets clients know about zero-day risks linked to their assets. After detection, it remediates the threats before they lead to breaches.