VYPR

Splunk Enterprise

by Splunk

CVEs (178)

  • CVE-2024-36989HigJul 1, 2024
    risk 0.46cvss 7.1epss 0.00

    In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200, a low-privileged user that does not hold the admin or power Splunk roles could create notifications in Splunk Web Bulletin Messages that all users on the instance…

  • CVE-2023-40596HigAug 30, 2023
    risk 0.46cvss 7.0epss 0.00

    In Splunk Enterprise versions earlier than 8.2.12, 9.0.6, and 9.1.1, a dynamic link library (DLL) that ships with Splunk Enterprise references an insecure path for the OPENSSLDIR build definition. An attacker can abuse this reference and subsequently install malicious code to…

  • CVE-2017-18348HigOct 19, 2018
    risk 0.46cvss 7.0epss 0.00

    Splunk Enterprise 6.6.x, when configured to run as root but drop privileges to a specific non-root account, allows local users to gain privileges by leveraging access to that non-root account to modify $SPLUNK_HOME/etc/splunk-launch.conf and insert Trojan horse programs into…

  • CVE-2025-20319MedJul 7, 2025
    risk 0.44cvss 6.8epss 0.00

    In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10, a user who holds a role that contains the high-privilege capability `edit_scripted` and `list_inputs` capability , could perform a remote command execution due to improper user input sanitization on the…

  • CVE-2022-32154MedJun 15, 2022
    risk 0.44cvss 6.8epss 0.01

    Dashboards in Splunk Enterprise versions before 9.0 might let an attacker inject risky search commands into a form token when the token is used in a query in a cross-origin request. The result bypasses SPL safeguards for risky commands. See New capabilities can limit access to…

  • CVE-2026-20240MedMay 20, 2026
    risk 0.42cvss 6.5epss 0.00

    In Splunk Enterprise versions below 10.2.2, 10.0.5, 9.4.11, and 9.3.12, and Splunk Cloud Platform versions below 10.4.2603.1, 10.3.2512.9, 10.2.2510.11, 10.1.2507.21, 10.0.2503.13, and 9.3.2411.129, a low-privileged user that does not hold the ‘admin’ or ‘power’ Splunk…

  • CVE-2025-20321MedJul 7, 2025
    risk 0.42cvss 6.5epss 0.00

    In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7 and 9.1.10, and Splunk Cloud Platform versions below 9.3.2411.104, 9.3.2408.114, and 9.2.2406.119, an unauthenticated attacker can send a specially-crafted SPL search that could change the membership state in a Splunk…

  • CVE-2025-20228MedMar 26, 2025
    risk 0.42cvss 6.5epss 0.00

    In Splunk Enterprise versions below 9.3.3, 9.2.5, and 9.1.8 and Splunk Cloud Platform versions below 9.2.2403.108, and 9.1.2312.204, a low-privileged user that does not hold the "admin" or "power" Splunk roles could change the maintenance mode state of App Key Value Store…

  • CVE-2024-45736MedOct 14, 2024
    risk 0.42cvss 6.5epss 0.01

    In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.107, 9.1.2312.204, and 9.1.2312.111, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a search query with an improperly formatted…

  • CVE-2024-36990MedJul 1, 2024
    risk 0.42cvss 6.5epss 0.01

    In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.2.2403.100, an authenticated, low-privileged user that does not hold the admin or power Splunk roles could send a specially crafted HTTP POST request to the datamodel/web REST…

  • CVE-2024-23675MedJan 22, 2024
    risk 0.42cvss 6.5epss 0.00

    In Splunk Enterprise versions below 9.0.8 and 9.1.3, Splunk app key value store (KV Store) improperly handles permissions for users that use the REST application programming interface (API). This can potentially result in the deletion of KV Store collections.

  • CVE-2024-22165MedJan 9, 2024
    risk 0.42cvss 6.5epss 0.01

    In Splunk Enterprise Security (ES) versions lower than 7.1.2, an attacker can create a malformed Investigation to perform a denial of service (DoS). The malformed investigation prevents the generation and rendering of the Investigations manager until it is deleted.The…

  • CVE-2023-40594MedAug 30, 2023
    risk 0.42cvss 6.5epss 0.00

    In Splunk Enterprise versions lower than 8.2.12, 9.0.6, and 9.1.1, an attacker can use the `printf` SPL function to perform a denial of service (DoS) against the Splunk Enterprise instance.

  • CVE-2023-32716MedJun 1, 2023
    risk 0.42cvss 6.5epss 0.01

    In Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform versions below 9.0.2303.100, an attacker can exploit a vulnerability in the {{dump}} SPL command to cause a denial of service by crashing the Splunk daemon.

  • CVE-2023-22941MedFeb 14, 2023
    risk 0.42cvss 6.5epss 0.01

    In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, an improperly-formatted ‘INGEST_EVAL’ parameter in a Field Transformation crashes the Splunk daemon (splunkd).

  • CVE-2022-43561MedNov 3, 2022
    risk 0.42cvss 6.4epss 0.01

    In Splunk Enterprise versions below 8.1.12, 8.2.9, and 9.0.2, a remote user that holds the “power” Splunk role can store arbitrary scripts that can lead to persistent cross-site scripting (XSS). The vulnerability affects instances with Splunk Web enabled.

  • CVE-2018-7431MedOct 23, 2018
    risk 0.42cvss 6.5epss 0.02

    Directory traversal vulnerability in the Splunk Django App in Splunk Enterprise 6.0.x before 6.0.14, 6.1.x before 6.1.13, 6.2.x before 6.2.14, 6.3.x before 6.3.10, 6.4.x before 6.4.6, and 6.5.x before 6.5.3; and Splunk Light before 6.6.0 allows remote authenticated users to read…

  • CVE-2017-5880MedFeb 4, 2017
    risk 0.42cvss 6.5epss 0.01

    Splunk Web in Splunk Enterprise versions 6.5.x before 6.5.2, 6.4.x before 6.4.5, 6.3.x before 6.3.9, 6.2.x before 6.2.13, 6.1.x before 6.1.12, 6.0.x before 6.0.13, 5.0.x before 5.0.17 and Splunk Light versions before 6.5.2 allows remote authenticated users to cause a denial of…

  • CVE-2025-20320MedJul 7, 2025
    risk 0.41cvss 6.3epss 0.00

    In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7 and 9.1.10, and Splunk Cloud Platform versions below 9.3.2411.107, 9.3.2408.117, and 9.2.2406.121, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a malicious payload through the…

  • CVE-2024-36986MedJul 1, 2024
    risk 0.41cvss 6.3epss 0.00

    In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.207, an authenticated user could run risky commands using the permissions of a higher-privileged user to bypass SPL safeguards for risky commands in…

Page 4 of 9