Filtered by vendor Splunk
Filtered by product Splunk
Total: 128 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-22938 | 1 Splunk | 2 Splunk, Splunk Cloud Platform | 2024-08-02 | 4.3 Medium |
In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘sendemail’ REST API endpoint lets any authenticated user send an email as the Splunk instance. The endpoint is now restricted to the ‘splunk-system-user’ account on the local instance. | ||||
CVE-2024-36991 | 2 Microsoft, Splunk | 2 Windows, Splunk | 2024-08-02 | 7.5 High |
In Splunk Enterprise on Windows versions below 9.2.2, 9.1.5, and 9.0.10, an attacker could perform a path traversal on the /modules/messaging/ endpoint in Splunk Enterprise on Windows. This vulnerability should only affect Splunk Enterprise on Windows. | ||||
CVE-2024-36983 | 1 Splunk | 2 Splunk, Splunk Cloud Platform | 2024-08-02 | 8 High |
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.109 and 9.1.2308.207, an authenticated user could create an external lookup that calls a legacy internal function. The authenticated user could use this internal function to insert code into the Splunk platform installation directory. From there, the user could execute arbitrary code on the Splunk platform instance. | ||||
CVE-2024-36985 | 1 Splunk | 1 Splunk | 2024-08-02 | 8.8 High |
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10, a low-privileged user that does not hold the admin or power Splunk roles could cause a Remote Code Execution through an external lookup that references the “splunk_archiver” application. | ||||
CVE-2024-29945 | 1 Splunk | 1 Splunk | 2024-08-02 | 7.2 High |
In Splunk Enterprise versions below 9.2.1, 9.1.4, and 9.0.9, the software potentially exposes authentication tokens during the token validation process. This exposure happens when either Splunk Enterprise runs in debug mode or the JsonWebToken component has been configured to log its activity at the DEBUG logging level. | ||||
CVE-2024-23677 | 1 Splunk | 2 Cloud, Splunk | 2024-08-01 | 4.3 Medium |
In Splunk Enterprise versions below 9.0.8, the Splunk RapidDiag utility discloses server responses from external applications in a log file. | ||||
CVE-2024-23676 | 1 Splunk | 2 Cloud, Splunk | 2024-08-01 | 4.6 Medium |
In Splunk versions below 9.0.8 and 9.1.3, the “mrollup” SPL command lets a low-privileged user view metrics on an index that they do not have permission to view. This vulnerability requires user interaction from a high-privileged user to exploit. | ||||
CVE-2024-23678 | 1 Splunk | 1 Splunk | 2024-08-01 | 7.5 High |
In Splunk Enterprise for Windows versions below 9.0.8 and 9.1.3, Splunk Enterprise does not correctly sanitize path input data. This results in the unsafe deserialization of untrusted data from a separate disk partition on the machine. This vulnerability only affects Splunk Enterprise for Windows. |