Splunk
by Splunk
Source repositories
CVEs (55)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-12572 | Med | 0.31 | 4.8 | 0.01 | Aug 5, 2017 | Persistent Cross Site Scripting (XSS) exists in Splunk Enterprise 6.5.x before 6.5.2, 6.4.x before 6.4.6, and 6.3.x before 6.3.9 and Splunk Light before 6.5.2, with exploitation requiring administrative access, aka SPL-134104. | ||
| CVE-2016-4858 | Med | 0.31 | 4.8 | 0.01 | May 12, 2017 | Cross-site scripting vulnerability in Splunk Enterprise 6.4.x prior to 6.4.2, Splunk Enterprise 6.3.x prior to 6.3.6, Splunk Enterprise 6.2.x prior to 6.2.10, Splunk Enterprise 6.1.x prior to 6.1.11, Splunk Enterprise 6.0.x prior to 6.0.12, Splunk Enterprise 5.0.x prior to… | ||
| CVE-2016-4856 | Med | 0.31 | 4.8 | 0.01 | May 12, 2017 | Cross-site scripting vulnerability in Splunk Enterprise 6.3.x prior to 6.3.5 and Splunk Light 6.3.x prior to 6.3.5 allows attacker with administrator rights to inject arbitrary web script or HTML via unspecified vectors. | ||
| CVE-2026-20203 | Med | 0.28 | 4.3 | 0.00 | Apr 15, 2026 | In Splunk Enterprise versions below 10.2.2, 10.0.5, 9.4.10, and 9.3.11, and Splunk Cloud Platform versions below 10.4.2603.0, 10.3.2512.6, 10.2.2510.10, 10.1.2507.19, 10.0.2503.13, and 9.3.2411.127, a low-privileged user that does not hold the `admin` or `power` Splunk… | ||
| CVE-2017-5607 | Low | 0.26 | 3.5 | 0.06 | Apr 10, 2017 | Splunk Enterprise 5.0.x before 5.0.18, 6.0.x before 6.0.14, 6.1.x before 6.1.13, 6.2.x before 6.2.13.1, 6.3.x before 6.3.10, 6.4.x before 6.4.6, and 6.5.x before 6.5.3 and Splunk Light before 6.5.2 assigns the $C JS property to the global Window namespace, which might allow… | ||
| CVE-2011-4642 | 0.05 | — | 0.29 | Jan 3, 2012 | mappy.py in Splunk Web in Splunk 4.2.x before 4.2.5 does not properly restrict use of the mappy command to access Python classes, which allows remote authenticated administrators to execute arbitrary code by leveraging the sys module in a request to the search application, as… | |||
| CVE-2011-4644 | 0.04 | — | 0.08 | Jan 3, 2012 | Splunk 4.2.5 and earlier, when a Free license is selected, enables potentially undesirable functionality within an environment that intentionally does not support authentication, which allows remote attackers to (1) read arbitrary files via a management-console session that… | |||
| CVE-2011-4643 | 0.04 | — | 0.08 | Jan 3, 2012 | Multiple directory traversal vulnerabilities in Splunk 4.x before 4.2.5 allow remote authenticated users to read arbitrary files via a .. (dot dot) in a URI to (1) Splunk Web or (2) the Splunkd HTTP Server, aka SPL-45243. | |||
| CVE-2014-8380 | 0.03 | — | 0.03 | Oct 21, 2014 | Cross-site scripting (XSS) vulnerability in Splunk 6.1.1 allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer Header in a "404 Not Found" response. NOTE: this vulnerability might exist because of a CVE-2010-2429 regression. | |||
| CVE-2024-23676 | 0.00 | — | 0.00 | Jan 22, 2024 | In Splunk versions below 9.0.8 and 9.1.3, the “mrollup” SPL command lets a low-privileged user view metrics on an index that they do not have permission to view. This vulnerability requires user interaction from a high-privileged user to exploit. | |||
| CVE-2023-4571 | 0.00 | — | 0.00 | Aug 30, 2023 | In Splunk IT Service Intelligence (ITSI) versions below below 4.13.3, 4.15.3, or 4.17.1, a malicious actor can inject American National Standards Institute (ANSI) escape codes into Splunk ITSI log files that, when a vulnerable terminal application reads them, can run malicious… | |||
| CVE-2013-6772 | 0.00 | — | 0.01 | Jan 23, 2020 | Splunk before 5.0.4 lacks X-Frame-Options which can allow Clickjacking | |||
| CVE-2015-7604 | 0.00 | — | 0.01 | Sep 29, 2015 | Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enterprise 6.2.x before 6.2.6 and Splunk Light 6.2.x before 6.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||
| CVE-2015-6515 | 0.00 | — | 0.01 | Aug 18, 2015 | Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enterprise 6.2.x before 6.2.4, 6.1.x before 6.1.8, 6.0.x before 6.0.9, and 5.0.x before 5.0.13 and Splunk Light 6.2.x before 6.2.4 allows remote attackers to inject arbitrary web script or HTML via a header. | |||
| CVE-2015-6514 | 0.00 | — | 0.01 | Aug 18, 2015 | Cross-site scripting (XSS) vulnerability in the Dashboard in Splunk Enterprise 6.2.x before 6.2.4 and Splunk Light 6.2.x before 6.2.4 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | |||
| CVE-2014-5466 | 0.00 | — | 0.01 | Dec 16, 2014 | Cross-site scripting (XSS) vulnerability in the Dashboard in Splunk Web in Splunk Enterprise 6.1.x before 6.1.4, 6.0.x before 6.0.7, and 5.0.x before 5.0.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||
| CVE-2014-8303 | 0.00 | — | 0.01 | Oct 16, 2014 | Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enterprise 6.1.x before 6.1.4 and 6.0.x before 6.0.6 allows remote attackers to inject arbitrary web script or HTML via vectors related to event parsing. | |||
| CVE-2014-8302 | 0.00 | — | 0.01 | Oct 16, 2014 | Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enterprise 6.1.x before 6.1.4, 6.0.x before 6.0.6, and 5.0.x before 5.0.10 allows remote attackers to inject arbitrary web script or HTML via vectors related to dashboard. | |||
| CVE-2014-8301 | 0.00 | — | 0.01 | Oct 16, 2014 | Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enterprise 5.0.x before 5.0.10 allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer header. | |||
| CVE-2014-3147 | 0.00 | — | 0.01 | Oct 10, 2014 | Cross-site scripting (XSS) vulnerability in the auto-complete feature in Splunk Enterprise before 6.0.4 allows remote authenticated users to inject arbitrary web script or HTML via a CSV file. |
- risk 0.31cvss 4.8epss 0.01
Persistent Cross Site Scripting (XSS) exists in Splunk Enterprise 6.5.x before 6.5.2, 6.4.x before 6.4.6, and 6.3.x before 6.3.9 and Splunk Light before 6.5.2, with exploitation requiring administrative access, aka SPL-134104.
- risk 0.31cvss 4.8epss 0.01
Cross-site scripting vulnerability in Splunk Enterprise 6.4.x prior to 6.4.2, Splunk Enterprise 6.3.x prior to 6.3.6, Splunk Enterprise 6.2.x prior to 6.2.10, Splunk Enterprise 6.1.x prior to 6.1.11, Splunk Enterprise 6.0.x prior to 6.0.12, Splunk Enterprise 5.0.x prior to…
- risk 0.31cvss 4.8epss 0.01
Cross-site scripting vulnerability in Splunk Enterprise 6.3.x prior to 6.3.5 and Splunk Light 6.3.x prior to 6.3.5 allows attacker with administrator rights to inject arbitrary web script or HTML via unspecified vectors.
- risk 0.28cvss 4.3epss 0.00
In Splunk Enterprise versions below 10.2.2, 10.0.5, 9.4.10, and 9.3.11, and Splunk Cloud Platform versions below 10.4.2603.0, 10.3.2512.6, 10.2.2510.10, 10.1.2507.19, 10.0.2503.13, and 9.3.2411.127, a low-privileged user that does not hold the `admin` or `power` Splunk…
- risk 0.26cvss 3.5epss 0.06
Splunk Enterprise 5.0.x before 5.0.18, 6.0.x before 6.0.14, 6.1.x before 6.1.13, 6.2.x before 6.2.13.1, 6.3.x before 6.3.10, 6.4.x before 6.4.6, and 6.5.x before 6.5.3 and Splunk Light before 6.5.2 assigns the $C JS property to the global Window namespace, which might allow…
- CVE-2011-4642Jan 3, 2012risk 0.05cvss —epss 0.29
mappy.py in Splunk Web in Splunk 4.2.x before 4.2.5 does not properly restrict use of the mappy command to access Python classes, which allows remote authenticated administrators to execute arbitrary code by leveraging the sys module in a request to the search application, as…
- CVE-2011-4644Jan 3, 2012risk 0.04cvss —epss 0.08
Splunk 4.2.5 and earlier, when a Free license is selected, enables potentially undesirable functionality within an environment that intentionally does not support authentication, which allows remote attackers to (1) read arbitrary files via a management-console session that…
- CVE-2011-4643Jan 3, 2012risk 0.04cvss —epss 0.08
Multiple directory traversal vulnerabilities in Splunk 4.x before 4.2.5 allow remote authenticated users to read arbitrary files via a .. (dot dot) in a URI to (1) Splunk Web or (2) the Splunkd HTTP Server, aka SPL-45243.
- CVE-2014-8380Oct 21, 2014risk 0.03cvss —epss 0.03
Cross-site scripting (XSS) vulnerability in Splunk 6.1.1 allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer Header in a "404 Not Found" response. NOTE: this vulnerability might exist because of a CVE-2010-2429 regression.
- CVE-2024-23676Jan 22, 2024risk 0.00cvss —epss 0.00
In Splunk versions below 9.0.8 and 9.1.3, the “mrollup” SPL command lets a low-privileged user view metrics on an index that they do not have permission to view. This vulnerability requires user interaction from a high-privileged user to exploit.
- CVE-2023-4571Aug 30, 2023risk 0.00cvss —epss 0.00
In Splunk IT Service Intelligence (ITSI) versions below below 4.13.3, 4.15.3, or 4.17.1, a malicious actor can inject American National Standards Institute (ANSI) escape codes into Splunk ITSI log files that, when a vulnerable terminal application reads them, can run malicious…
- CVE-2013-6772Jan 23, 2020risk 0.00cvss —epss 0.01
Splunk before 5.0.4 lacks X-Frame-Options which can allow Clickjacking
- CVE-2015-7604Sep 29, 2015risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enterprise 6.2.x before 6.2.6 and Splunk Light 6.2.x before 6.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
- CVE-2015-6515Aug 18, 2015risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enterprise 6.2.x before 6.2.4, 6.1.x before 6.1.8, 6.0.x before 6.0.9, and 5.0.x before 5.0.13 and Splunk Light 6.2.x before 6.2.4 allows remote attackers to inject arbitrary web script or HTML via a header.
- CVE-2015-6514Aug 18, 2015risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in the Dashboard in Splunk Enterprise 6.2.x before 6.2.4 and Splunk Light 6.2.x before 6.2.4 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
- CVE-2014-5466Dec 16, 2014risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in the Dashboard in Splunk Web in Splunk Enterprise 6.1.x before 6.1.4, 6.0.x before 6.0.7, and 5.0.x before 5.0.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
- CVE-2014-8303Oct 16, 2014risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enterprise 6.1.x before 6.1.4 and 6.0.x before 6.0.6 allows remote attackers to inject arbitrary web script or HTML via vectors related to event parsing.
- CVE-2014-8302Oct 16, 2014risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enterprise 6.1.x before 6.1.4, 6.0.x before 6.0.6, and 5.0.x before 5.0.10 allows remote attackers to inject arbitrary web script or HTML via vectors related to dashboard.
- CVE-2014-8301Oct 16, 2014risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enterprise 5.0.x before 5.0.10 allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer header.
- CVE-2014-3147Oct 10, 2014risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in the auto-complete feature in Splunk Enterprise before 6.0.4 allows remote authenticated users to inject arbitrary web script or HTML via a CSV file.
Page 2 of 3