Security Advisory

CVE-2021-33845

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-05-06 16:35:58

Last updated 2024-08-04 00:05:51

Assigner Splunk

State PUBLISHED

Description

The Splunk Enterprise REST API allows enumeration of usernames via the lockout error message. The potential vulnerability impacts Splunk Enterprise instances before 8.1.7 when configured to repress verbose login errors.

← Browse all CVEs View on cve.org ↗