Ò»�¡¢�¡¢Îó²îÏêÇé
1.1. Îó²îÐÎò
Splunk EnterpriseÊÇ»úеÊý¾ÝµÄÒýÇæ¡£�¡£Ê¹ÓÃSplunk¿ÉÍøÂç�¡¢�¡¢Ë÷ÒýºÍʹÓÃËùÓÐÓ¦ÓóÌÐò�¡¢�¡¢·þÎñÆ÷ºÍ×°±¸ÌìÉúµÄ¿ìËÙÒƶ¯ÐÍÅÌËã»úÊý¾Ý¡£�¡£¹ØÁª²¢ÆÊÎö¿çÔ½¶à¸öϵͳµÄÖØ´óÊÂÎñ¡£�¡�£»�£»ñÈ¡ÐÂÌõÀíµÄÔËÓª¿É¼ûÐÔÒÔ¼°ITºÍÓªÒµÖÇÄÜ¡£�¡£Splunk Enterprise°²ÅÅ·þÎñÆ÷9.0֮ǰµÄ°æ±¾±£´æÔ¶³Ì´úÂëÖ´ÐÐÎó²î�£¬ÔÊÐí¿Í»§¶Ë½«×ª·¢Æ÷À¦°ó°üͨ¹ý¸Ã·þÎñÆ÷°²Åŵ½ÆäËû°²ÅÅ¿Í»§¶Ë¡£�¡£Ê¹Óð²ÅÅ·þÎñÆ÷ʱ�£¬ÔÊÐí½¨Éè¿ÉÓÉSplunkͨÓÃת·¢Æ÷(SUF)ÊðÀí»òÆäËûSplunk EnterpriseʵÀý£¨ÈçÖØÐÍת·¢Æ÷£©×Ô¶¯ÏÂÔصÄÉèÖðü�£¬ÕâЩÉèÖðüÖÐÔÊÐí°üÀ¨¶þ½øÖÆÎļþ�£¬SUF×Ô¶¯ÏÂÔغó»áÖ´Ðиöþ½øÖƳÌÐò¡£�¡£Ä¬ÈÏÇéÐÎÏÂ�£¬SUFÊðÀíÔÚWindowsÉÏÒÔSYSTEMÉí·ÝÔËÐС£�¡�£¿ØÖÆÁËͨÓÃת·¢Æ÷¶ËµãµÄ¹¥»÷Õß¿ÉʹÓøÃÎó²îÔÚ¶©ÔÄ°²ÅÅ·þÎñÆ÷µÄËùÓÐÆäËûͨÓÃת·¢Æ÷¶ËµãÉÏÖ´ÐÐí§Òâ´úÂë¡£�¡£
1.2. Îó²î±àºÅ
CVE-2022-32158
1.3. Îó²îÆ·¼¶
¸ß Σ
¶þ�¡¢�¡¢Ó°Ïì¹æÄ£
Splunk Enterprise < 9.0
Èý�¡¢�¡¢ÐÞ¸´½¨Òé
½« Splunk Enterprise deployment servers Éý¼¶ÖÁ 9.0 »òÒÔÉÏ°æ±¾
https://www.splunk.com/en_us/product-security/announcements/svd-2022- 0608.html
