High severity8.8NVD Advisory· Published Sep 14, 2010· Updated Apr 29, 2026

CVE-2010-3322

Description

The XML parser in Splunk 4.0.0 through 4.1.4 allows remote authenticated users to obtain sensitive information and gain privileges via an XML External Entity (XXE) attack to unknown vectors.

Affected products

Splunk/Splunk
cpe:2.3:a:splunk:splunk:*:*:*:*:*:*:*:*
Range: >=4.0,<=4.1.4

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.splunk.com/view/SP-CAAAFQ6nvdPatchVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.572
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000