Filtered by vendor Splunk
Subscriptions
Total
199 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-46214 | 1 Splunk | 2 Cloud, Splunk | 2024-09-04 | 8 High |
In Splunk Enterprise versions below 9.0.7 and 9.1.2, Splunk Enterprise does not safely sanitize extensible stylesheet language transformations (XSLT) that users supply. This means that an attacker can upload malicious XSLT which can result in remote code execution on the Splunk Enterprise instance. | ||||
CVE-2023-40594 | 1 Splunk | 2 Splunk, Splunk Cloud Platform | 2024-09-03 | 6.5 Medium |
In Splunk Enterprise versions lower than 8.2.12, 9.0.6, and 9.1.1, an attacker can use the `printf` SPL function to perform a denial of service (DoS) against the Splunk Enterprise instance. | ||||
CVE-2023-32706 | 1 Splunk | 2 Splunk, Splunk Cloud Platform | 2024-09-03 | 7.7 High |
On Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, an unauthenticated attacker can send specially-crafted messages to the XML parser within SAML authentication to cause a denial of service in the Splunk daemon. | ||||
CVE-2024-36993 | 1 Splunk | 2 Splunk, Splunk Cloud Platform | 2024-08-21 | 5.4 Medium |
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.207, a low-privileged user that does not hold the admin or power Splunk roles could craft a malicious payload through a Splunk Web Bulletin Messages that could result in execution of unauthorized JavaScript code in the browser of a user. | ||||
CVE-2024-36992 | 1 Splunk | 2 Splunk, Splunk Cloud Platform | 2024-08-21 | 5.4 Medium |
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.207, a low-privileged user that does not hold the admin or power Splunk roles could craft a malicious payload through a View that could result in execution of unauthorized JavaScript code in the browser of a user. The “url” parameter of the Dashboard element does not have proper input validation to reject invalid URLs, which could lead to a Persistent Cross-site Scripting (XSS) exploit. | ||||
CVE-2024-36990 | 1 Splunk | 2 Splunk, Splunk Cloud Platform | 2024-08-21 | 6.5 Medium |
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.2.2403.100, an authenticated, low-privileged user that does not hold the admin or power Splunk roles could send a specially crafted HTTP POST request to the datamodel/web REST endpoint in Splunk Enterprise, potentially causing a denial of service. | ||||
CVE-2024-29946 | 1 Splunk | 1 Splunk | 2024-08-12 | 8.1 High |
In Splunk Enterprise versions below 9.2.1, 9.1.4, and 9.0.9, the Dashboard Examples Hub lacks protections for risky SPL commands. This could let attackers bypass SPL safeguards for risky commands in the Hub. The vulnerability would require the attacker to phish the victim by tricking them into initiating a request within their browser. | ||||
CVE-2024-23675 | 1 Splunk | 2 Cloud, Splunk | 2024-08-12 | 6.5 Medium |
In Splunk Enterprise versions below 9.0.8 and 9.1.3, Splunk app key value store (KV Store) improperly handles permissions for users that use the REST application programming interface (API). This can potentially result in the deletion of KV Store collections. | ||||
CVE-2023-40598 | 1 Splunk | 2 Splunk, Splunk Cloud Platform | 2024-08-12 | 8.5 High |
In Splunk Enterprise versions below 8.2.12, 9.0.6, and 9.1.1, an attacker can create an external lookup that calls a legacy internal function. The attacker can use this internal function to insert code into the Splunk platform installation directory. From there, a user can execute arbitrary code on the Splunk platform Instance. | ||||
CVE-2023-22934 | 1 Splunk | 2 Splunk, Splunk Cloud Platform | 2024-08-12 | 7.3 High |
In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘pivot’ search processing language (SPL) command lets a search bypass SPL safeguards for risky commands using a saved search job. The vulnerability requires an authenticated user to craft the saved job and a higher privileged user to initiate a request within their browser. | ||||
CVE-2023-40596 | 2 Microsoft, Splunk | 2 Windows, Splunk | 2024-08-12 | 7 High |
In Splunk Enterprise versions earlier than 8.2.12, 9.0.6, and 9.1.1, a dynamic link library (DLL) that ships with Splunk Enterprise references an insecure path for the OPENSSLDIR build definition. An attacker can abuse this reference and subsequently install malicious code to achieve privilege escalation on the Windows machine. | ||||
CVE-2022-27780 | 3 Haxx, Netapp, Splunk | 15 Curl, Clustered Data Ontap, H300s and 12 more | 2024-08-07 | 7.5 High |
The curl URL parser wrongly accepts percent-encoded URL separators like '/'when decoding the host name part of a URL, making it a *different* URL usingthe wrong host name when it is later retrieved.For example, a URL like `http://example.com%2F127.0.0.1/`, would be allowed bythe parser and get transposed into `http://example.com/127.0.0.1/`. This flawcan be used to circumvent filters, checks and more. | ||||
CVE-2010-3323 | 1 Splunk | 1 Splunk | 2024-08-07 | N/A |
Splunk 4.0.0 through 4.1.4 allows remote attackers to conduct session hijacking attacks and obtain the splunkd session key via vectors related to the SPLUNKD_SESSION_KEY parameter. | ||||
CVE-2010-3322 | 1 Splunk | 1 Splunk | 2024-08-07 | 8.8 High |
The XML parser in Splunk 4.0.0 through 4.1.4 allows remote authenticated users to obtain sensitive information and gain privileges via an XML External Entity (XXE) attack to unknown vectors. | ||||
CVE-2010-2503 | 1 Splunk | 1 Splunk | 2024-08-07 | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in Splunk 4.0 through 4.0.10 and 4.1 through 4.1.1 allow remote attackers to inject arbitrary web script or HTML via (1) redirects, aka SPL-31067; (2) unspecified "user->user or user->admin" vectors, aka SPL-31084; or (3) unspecified "user input," aka SPL-31085. | ||||
CVE-2010-2502 | 1 Splunk | 1 Splunk | 2024-08-07 | N/A |
Multiple directory traversal vulnerabilities in Splunk 4.0 through 4.0.10 and 4.1 through 4.1.1 allow (1) remote attackers to read arbitrary files, aka SPL-31194; (2) remote authenticated users to modify arbitrary files, aka SPL-31063; or (3) have an unknown impact via redirects, aka SPL-31067. | ||||
CVE-2010-2504 | 1 Splunk | 1 Splunk | 2024-08-07 | N/A |
Splunk 4.0 through 4.0.10 and 4.1 through 4.1.1 allows remote authenticated users to obtain sensitive information via HTTP header injection, aka SPL-31066. | ||||
CVE-2010-2429 | 2 Microsoft, Splunk | 2 Internet Explorer, Splunk | 2024-08-07 | N/A |
Cross-site scripting (XSS) vulnerability in Splunk 4.0 through 4.1.2, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer in a "404 Not Found" response. | ||||
CVE-2011-4778 | 1 Splunk | 1 Splunk | 2024-08-07 | N/A |
Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk 4.2.x before 4.2.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPL-44614. | ||||
CVE-2011-4644 | 1 Splunk | 1 Splunk | 2024-08-07 | N/A |
Splunk 4.2.5 and earlier, when a Free license is selected, enables potentially undesirable functionality within an environment that intentionally does not support authentication, which allows remote attackers to (1) read arbitrary files via a management-console session that leverages the ability to create crafted data sources, or (2) execute management commands via an HTTP request. |