VYPR

Splunk Cloud Platform

by Splunk

CVEs (101)

  • CVE-2024-36982Jul 1, 2024
    risk 0.00cvss epss 0.00

    In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.109 and 9.1.2308.207, an attacker could trigger a null pointer reference on the cluster/config REST endpoint, which could result in a crash of the Splunk daemon.

  • CVE-2024-36990Jul 1, 2024
    risk 0.00cvss epss 0.01

    In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.2.2403.100, an authenticated, low-privileged user that does not hold the admin or power Splunk roles could send a specially crafted HTTP POST request to the datamodel/web REST…

  • CVE-2024-36992Jul 1, 2024
    risk 0.00cvss epss 0.00

    In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.207, a low-privileged user that does not hold the admin or power Splunk roles could craft a malicious payload through a View that could result in…

  • CVE-2024-36986Jul 1, 2024
    risk 0.00cvss epss 0.00

    In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.207, an authenticated user could run risky commands using the permissions of a higher-privileged user to bypass SPL safeguards for risky commands in…

  • CVE-2024-36983Jul 1, 2024
    risk 0.00cvss epss 0.01

    In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.109 and 9.1.2308.207, an authenticated user could create an external lookup that calls a legacy internal function. The authenticated user could use this internal…

  • CVE-2024-36996Jul 1, 2024
    risk 0.00cvss epss 0.00

    In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.109, an attacker could determine whether or not another user exists on the instance by deciphering the error response that they would likely receive from the instance…

  • CVE-2024-36994Jul 1, 2024
    risk 0.00cvss epss 0.00

    In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.207, a low-privileged user that does not hold the admin or power Splunk roles could craft a malicious payload through a View and Splunk Web Bulletin…

  • CVE-2024-36989Jul 1, 2024
    risk 0.00cvss epss 0.00

    In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200, a low-privileged user that does not hold the admin or power Splunk roles could create notifications in Splunk Web Bulletin Messages that all users on the instance…

  • CVE-2024-36987Jul 1, 2024
    risk 0.00cvss epss 0.00

    In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200, an authenticated, low-privileged user who does not hold the admin or power Splunk roles could upload a file with an arbitrary extension using the indexing/preview…

  • CVE-2024-29946Mar 27, 2024
    risk 0.00cvss epss 0.01

    In Splunk Enterprise versions below 9.2.1, 9.1.4, and 9.0.9, the Dashboard Examples Hub lacks protections for risky SPL commands. This could let attackers bypass SPL safeguards for risky commands in the Hub. The vulnerability would require the attacker to phish the victim by…

  • CVE-2024-23676Jan 22, 2024
    risk 0.00cvss epss 0.00

    In Splunk versions below 9.0.8 and 9.1.3, the “mrollup” SPL command lets a low-privileged user view metrics on an index that they do not have permission to view. This vulnerability requires user interaction from a high-privileged user to exploit.

  • CVE-2024-23677Jan 22, 2024
    risk 0.00cvss epss 0.00

    In Splunk Enterprise versions below 9.0.8, the Splunk RapidDiag utility discloses server responses from external applications in a log file.

  • CVE-2024-23675Jan 22, 2024
    risk 0.00cvss epss 0.00

    In Splunk Enterprise versions below 9.0.8 and 9.1.3, Splunk app key value store (KV Store) improperly handles permissions for users that use the REST application programming interface (API). This can potentially result in the deletion of KV Store collections.

  • CVE-2023-46213Nov 16, 2023
    risk 0.00cvss epss 0.00

    In Splunk Enterprise versions below 9.0.7 and 9.1.2, ineffective escaping in the “Show syntax Highlighted” feature can result in the execution of unauthorized code in a user’s web browser.

  • CVE-2023-40597Aug 30, 2023
    risk 0.00cvss epss 0.00

    In Splunk Enterprise versions lower than 8.2.12, 9.0.6, and 9.1.1, an attacker can exploit an absolute path traversal to execute arbitrary code that is located on a separate disk.

  • CVE-2023-40593Aug 30, 2023
    risk 0.00cvss epss 0.00

    In Splunk Enterprise versions lower than 9.0.6 and 8.2.12, a malicious actor can send a malformed security assertion markup language (SAML) request to the `/saml/acs` REST endpoint which can cause a denial of service through a crash or hang of the Splunk daemon.

  • CVE-2023-40594Aug 30, 2023
    risk 0.00cvss epss 0.00

    In Splunk Enterprise versions lower than 8.2.12, 9.0.6, and 9.1.1, an attacker can use the `printf` SPL function to perform a denial of service (DoS) against the Splunk Enterprise instance.

  • CVE-2023-40592Aug 30, 2023
    risk 0.00cvss epss 0.01

    In Splunk Enterprise versions below 9.1.1, 9.0.6, and 8.2.12, an attacker can craft a special web request that can result in reflected cross-site scripting (XSS) on the “/app/search/table” web endpoint. Exploitation of this vulnerability can lead to the execution of…

  • CVE-2023-40595Aug 30, 2023
    risk 0.00cvss epss 0.01

    In Splunk Enterprise versions lower than 8.2.12, 9.0.6, and 9.1.1, an attacker can execute a specially crafted query that they can then use to serialize untrusted data. The attacker can use the query to execute arbitrary code.

  • CVE-2023-40598Aug 30, 2023
    risk 0.00cvss epss 0.01

    In Splunk Enterprise versions below 8.2.12, 9.0.6, and 9.1.1, an attacker can create an external lookup that calls a legacy internal function. The attacker can use this internal function to insert code into the Splunk platform installation directory. From there, a user can…

Page 4 of 6