VYPR

Splunk Enterprise

by Splunk

CVEs (178)

  • CVE-2024-36993 | Medium | Jul 1, 2024
    risk 0.35 | CVSS 5.4 | EPSS 0.00

    In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.207, a low-privileged user that does not hold the admin or power Splunk roles could craft a malicious payload through a Splunk Web Bulletin Messages…

  • CVE-2024-36992 | Medium | Jul 1, 2024
    risk 0.35 | CVSS 5.4 | EPSS 0.00

    In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.207, a low-privileged user that does not hold the admin or power Splunk roles could craft a malicious payload through a View that could result in…

  • CVE-2023-32711 | Medium | Jun 1, 2023
    risk 0.35 | CVSS 5.4 | EPSS 0.00

    In Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, a Splunk dashboard view lets a low-privileged user exploit a vulnerability in the Bootstrap web framework (CVE-2019-8331) and build a stored cross-site scripting (XSS) payload.

  • CVE-2023-22942 | Medium | Feb 14, 2023
    risk 0.35 | CVSS 5.4 | EPSS 0.00

    In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, a cross-site request forgery in the Splunk Secure Gateway (SSG) app in the ‘kvstore_client’ REST endpoint lets a potential attacker update SSG KV store collections using an HTTP GET request.

  • CVE-2021-33845 | Medium | May 6, 2022
    risk 0.35 | CVSS 5.3 | EPSS 0.01

    The Splunk Enterprise REST API allows enumeration of usernames via the lockout error message. The potential vulnerability impacts Splunk Enterprise instances before 8.1.7 when configured to repress verbose login errors.

  • CVE-2019-5727 | Medium | Feb 21, 2019
    risk 0.35 | CVSS 5.4 | EPSS 0.01

    Splunk Web in Splunk Enterprise 6.5.x before 6.5.5, 6.4.x before 6.4.9, 6.3.x before 6.3.12, 6.2.x before 6.2.14, 6.1.x before 6.1.14, and 6.0.x before 6.0.15 and Splunk Light before 6.6.0 has Persistent XSS, aka SPL-138827.

  • CVE-2024-53246 | Medium | Dec 10, 2024
    risk 0.34 | CVSS 5.3 | EPSS 0.00

    In Splunk Enterprise versions below 9.3.2, 9.2.4, and 9.1.7 and Splunk Cloud Platform versions below 9.3.2408.101, 9.2.2406.106, 9.2.2403.111, and 9.1.2312.206, an SPL command can potentially disclose sensitive information. The vulnerability requires the exploitation of another…

  • CVE-2024-36996 | Medium | Jul 1, 2024
    risk 0.34 | CVSS 5.3 | EPSS 0.00

    In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.109, an attacker could determine whether or not another user exists on the instance by deciphering the error response that they would likely receive from the instance…

  • CVE-2024-45739 | Medium | Oct 14, 2024
    risk 0.32 | CVSS 4.9 | EPSS 0.01

    In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes plaintext passwords for local native authentication Splunk users. This exposure could happen when you configure the Splunk Enterprise AdminManager log channel at the DEBUG logging level.

  • CVE-2024-45738 | Medium | Oct 14, 2024
    risk 0.32 | CVSS 4.9 | EPSS 0.00

    In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes sensitive HTTP parameters to the `_internal` index. This exposure could happen if you configure the Splunk Enterprise `REST_Calls` log channel at the DEBUG logging level.

  • CVE-2022-43564 | Medium | Nov 4, 2022
    risk 0.32 | CVSS 4.9 | EPSS 0.01

    In Splunk Enterprise versions below 8.1.12, 8.2.9, and 9.0.2, a remote user who can create search macros and schedule search reports can cause a denial of service through the use of specially crafted search macros.

  • CVE-2023-46213 | Medium | Nov 16, 2023
    risk 0.31 | CVSS 4.8 | EPSS 0.00

    In Splunk Enterprise versions below 9.0.7 and 9.1.2, ineffective escaping in the “Show syntax Highlighted” feature can result in the execution of unauthorized code in a user’s web browser.

  • CVE-2023-32710 | Medium | Jun 1, 2023
    risk 0.31 | CVSS 4.8 | EPSS 0.00

    In Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, and in Splunk Cloud Platform versions below 9.0.2303.100, a low-privileged user can perform an unauthorized transfer of data from a search using the ‘copyresults’ command if they know the search ID (SID) of a …

  • CVE-2017-12572 | Medium | Aug 5, 2017
    risk 0.31 | CVSS 4.8 | EPSS 0.01

    Persistent Cross Site Scripting (XSS) exists in Splunk Enterprise 6.5.x before 6.5.2, 6.4.x before 6.4.6, and 6.3.x before 6.3.9 and Splunk Light before 6.5.2, with exploitation requiring administrative access, aka SPL-134104.

  • CVE-2016-4858 | Medium | May 12, 2017
    risk 0.31 | CVSS 4.8 | EPSS 0.01

    Cross-site scripting vulnerability in Splunk Enterprise 6.4.x prior to 6.4.2, Splunk Enterprise 6.3.x prior to 6.3.6, Splunk Enterprise 6.2.x prior to 6.2.10, Splunk Enterprise 6.1.x prior to 6.1.11, Splunk Enterprise 6.0.x prior to 6.0.12, Splunk Enterprise 5.0.x prior to…

  • CVE-2016-4856 | Medium | May 12, 2017
    risk 0.31 | CVSS 4.8 | EPSS 0.01

    Cross-site scripting vulnerability in Splunk Enterprise 6.3.x prior to 6.3.5 and Splunk Light 6.3.x prior to 6.3.5 allows attacker with administrator rights to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2024-23676 | Medium | Jan 22, 2024
    risk 0.30 | CVSS 4.6 | EPSS 0.00

    In Splunk versions below 9.0.8 and 9.1.3, the “mrollup” SPL command lets a low-privileged user view metrics on an index that they do not have permission to view. This vulnerability requires user interaction from a high-privileged user to exploit.

  • CVE-2025-20297 | Medium | Jun 2, 2025
    risk 0.29 | CVSS 4.3 | EPSS 0.13

    In Splunk Enterprise versions below 9.4.2, 9.3.4 and 9.2.6, and Splunk Cloud Platform versions below 9.3.2411.102, 9.3.2408.111 and 9.2.2406.118, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a malicious payload through the…

  • CVE-2025-20323 | Medium | Jul 7, 2025
    risk 0.28 | CVSS 4.3 | EPSS 0.00

    In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10, a low-privileged user that does not hold the "admin" or "power" Splunk roles could turn off the scheduled search `Bucket Copy Trigger` within the Splunk Archiver application. This is because of missing access…

  • CVE-2025-20322 | Medium | Jul 7, 2025
    risk 0.28 | CVSS 4.3 | EPSS 0.00

    In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10, and Splunk Cloud Platform versions below 9.3.2411.104, 9.3.2408.113, and 9.2.2406.119, an unauthenticated attacker could send a specially-crafted SPL search command that could trigger a rolling restart in the…

Page 6 of 9