VYPR

Vendor CVEs

Splunk

All CVEs

240 total · sorted by risk
  • CVE-2025-20297Jun 2, 2025
    risk 0.00cvss epss 0.13

    In Splunk Enterprise versions below 9.4.2, 9.3.4 and 9.2.6, and Splunk Cloud Platform versions below 9.3.2411.102, 9.3.2408.111 and 9.2.2406.118, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a malicious payload through the…

  • CVE-2025-20230Mar 26, 2025
    risk 0.00cvss epss 0.00

    In Splunk Enterprise versions below 9.4.1, 9.3.3, 9.2.5, and 9.1.8, and versions below 3.8.38 and 3.7.23 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user that does not hold the “admin“ or “power“ Splunk roles could edit and delete other…

  • CVE-2025-20233Mar 26, 2025
    risk 0.00cvss epss 0.00

    In the Splunk App for Lookup File Editing versions below 4.0.5, a script in the app used the `chmod` and `makedirs` Python functions in a way that resulted in overly broad read and execute permissions. This could lead to improper access control for a low-privileged user.

  • CVE-2025-20232Mar 26, 2025
    risk 0.00cvss epss 0.00

    In Splunk Enterprise versions below 9.3.3, 9.2.5, and 9.1.8 and Splunk Cloud Platform versions below 9.3.2408.103, 9.2.2406.108, 9.2.2403.113, 9.1.2312.208 and 9.1.2308.212, a low-privileged user that does not hold the “admin“ or “power“ Splunk roles could run a saved…

  • CVE-2025-20228Mar 26, 2025
    risk 0.00cvss epss 0.00

    In Splunk Enterprise versions below 9.3.3, 9.2.5, and 9.1.8 and Splunk Cloud Platform versions below 9.2.2403.108, and 9.1.2312.204, a low-privileged user that does not hold the "admin" or "power" Splunk roles could change the maintenance mode state of App Key Value Store…

  • CVE-2025-20227Mar 26, 2025
    risk 0.00cvss epss 0.00

    In Splunk Enterprise versions below 9.4.1, 9.3.3, 9.2.5, and 9.1.8, and Splunk Cloud Platform versions below 9.3.2408.107, 9.2.2406.112, 9.2.2403.115, 9.1.2312.208 and 9.1.2308.214, a low-privileged user that does not hold the "admin" or "power" Splunk roles could bypass the…

  • CVE-2025-20226Mar 26, 2025
    risk 0.00cvss epss 0.00

    In Splunk Enterprise versions below 9.4.1, 9.3.3, 9.2.5, and 9.1.8 and Splunk Cloud Platform versions below 9.3.2408.107, 9.2.2406.111, and 9.1.2308.214, a low-privileged user that does not hold the "admin" or "power" Splunk roles could run a saved search with a risky command…

  • CVE-2025-20231Mar 26, 2025
    risk 0.00cvss epss 0.00

    In Splunk Enterprise versions below 9.4.1, 9.3.3, 9.2.5, and 9.1.8, and versions below 3.8.38 and 3.7.23 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user that does not hold the “admin“ or “power“ Splunk roles could run a search using the…

  • CVE-2024-53244Dec 10, 2024
    risk 0.00cvss epss 0.00

    In Splunk Enterprise versions below 9.3.2, 9.2.4, and 9.1.7 and Splunk Cloud Platform versions below 9.2.2406.107, 9.2.2403.109, and 9.1.2312.206, a low-privileged user that does not hold the “admin“ or “power“ Splunk roles could run a saved search with a risky command…

  • CVE-2024-53246Dec 10, 2024
    risk 0.00cvss epss 0.00

    In Splunk Enterprise versions below 9.3.2, 9.2.4, and 9.1.7 and Splunk Cloud Platform versions below 9.3.2408.101, 9.2.2406.106, 9.2.2403.111, and 9.1.2312.206, an SPL command can potentially disclose sensitive information. The vulnerability requires the exploitation of another…

  • CVE-2024-53245Dec 10, 2024
    risk 0.00cvss epss 0.00

    In Splunk Enterprise versions below 9.3.0, 9.2.4, and 9.1.7 and Splunk Cloud Platform versions below 9.1.2312.206, a low-privileged user that does not hold the “admin“ or “power“ Splunk roles, that has a username with the same name as a role with read access to…

  • CVE-2024-45739Oct 14, 2024
    risk 0.00cvss epss 0.01

    In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes plaintext passwords for local native authentication Splunk users. This exposure could happen when you configure the Splunk Enterprise AdminManager log channel at the DEBUG logging level.

  • CVE-2024-45738Oct 14, 2024
    risk 0.00cvss epss 0.00

    In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes sensitive HTTP parameters to the `_internal` index. This exposure could happen if you configure the Splunk Enterprise `REST_Calls` log channel at the DEBUG logging level.

  • CVE-2024-45737Oct 14, 2024
    risk 0.00cvss epss 0.00

    In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.108, and 9.1.2312.204, a low-privileged user that does not hold the "admin" or "power" Splunk roles could change the maintenance mode state of App Key Value Store…

  • CVE-2024-45733Oct 14, 2024
    risk 0.00cvss epss 0.01

    In Splunk Enterprise for Windows versions below 9.2.3 and 9.1.6, a low-privileged user that does not hold the "admin" or "power" Splunk roles could perform a Remote Code Execution (RCE) due to an insecure session storage configuration.

  • CVE-2024-45732Oct 14, 2024
    risk 0.00cvss epss 0.00

    In Splunk Enterprise versions below 9.3.1, and 9.2.0 versions below 9.2.3, and Splunk Cloud Platform versions below 9.2.2403.103, 9.1.2312.200, 9.1.2312.110 and 9.1.2308.208, a low-privileged user that does not hold the "admin" or "power" Splunk roles could run a search as the…

  • CVE-2024-45736Oct 14, 2024
    risk 0.00cvss epss 0.01

    In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.107, 9.1.2312.204, and 9.1.2312.111, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a search query with an improperly formatted…

  • CVE-2024-45741Oct 14, 2024
    risk 0.00cvss epss 0.13

    In Splunk Enterprise versions below 9.2.3 and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.108 and 9.1.2312.205, a low-privileged user that does not hold the "admin" or "power" Splunk roles could create a malicious payload through a custom configuration file that the…

  • CVE-2024-45734Oct 14, 2024
    risk 0.00cvss epss 0.00

    In Splunk Enterprise versions 9.3.0, 9.2.3, and 9.1.6, a low-privileged user that does not hold the "admin" or "power" Splunk roles could view images on the machine that runs Splunk Enterprise by using the PDF export feature in Splunk classic dashboards. The images on the …

  • CVE-2024-45740Oct 14, 2024
    risk 0.00cvss epss 0.00

    In Splunk Enterprise versions below 9.2.3 and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a malicious payload through Scheduled Views that could result in execution of…

  • CVE-2024-45731Oct 14, 2024
    risk 0.00cvss epss 0.01

    In Splunk Enterprise for Windows versions below 9.3.1, 9.2.3, and 9.1.6, a low-privileged user that does not hold the "admin" or "power" Splunk roles could write a file to the Windows system root directory, which has a default location in the Windows System32 folder, when Splunk…

  • CVE-2024-45735Oct 14, 2024
    risk 0.00cvss epss 0.00

    In Splunk Enterprise versions below 9.2.3 and 9.1.6, and Splunk Secure Gateway versions on Splunk Cloud Platform versions below 3.4.259, 3.6.17, and 3.7.0, a low-privileged user that does not hold the "admin" or "power" Splunk roles can see App Key Value Store (KV Store)…

  • CVE-2024-36997Jul 1, 2024
    risk 0.00cvss epss 0.01

    In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312, an admin user could store and execute arbitrary JavaScript code in the browser context of another Splunk user through the conf-web/settings REST endpoint. This could…

  • CVE-2024-36993Jul 1, 2024
    risk 0.00cvss epss 0.00

    In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.207, a low-privileged user that does not hold the admin or power Splunk roles could craft a malicious payload through a Splunk Web Bulletin Messages…

  • CVE-2024-36995Jul 1, 2024
    risk 0.00cvss epss 0.00

    In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.207, a low-privileged user that does not hold the admin or power Splunk roles could create experimental items.

  • CVE-2024-36982Jul 1, 2024
    risk 0.00cvss epss 0.00

    In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.109 and 9.1.2308.207, an attacker could trigger a null pointer reference on the cluster/config REST endpoint, which could result in a crash of the Splunk daemon.

  • CVE-2024-36990Jul 1, 2024
    risk 0.00cvss epss 0.01

    In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.2.2403.100, an authenticated, low-privileged user that does not hold the admin or power Splunk roles could send a specially crafted HTTP POST request to the datamodel/web REST…

  • CVE-2024-36992Jul 1, 2024
    risk 0.00cvss epss 0.00

    In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.207, a low-privileged user that does not hold the admin or power Splunk roles could craft a malicious payload through a View that could result in…

  • CVE-2024-36984Jul 1, 2024
    risk 0.00cvss epss 0.01

    In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 on Windows, an authenticated user could execute a specially crafted query that they could then use to serialize untrusted data. The attacker could use the query to execute arbitrary code.

  • CVE-2024-36986Jul 1, 2024
    risk 0.00cvss epss 0.00

    In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.207, an authenticated user could run risky commands using the permissions of a higher-privileged user to bypass SPL safeguards for risky commands in…

  • CVE-2024-36983Jul 1, 2024
    risk 0.00cvss epss 0.01

    In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.109 and 9.1.2308.207, an authenticated user could create an external lookup that calls a legacy internal function. The authenticated user could use this internal…

  • CVE-2024-36996Jul 1, 2024
    risk 0.00cvss epss 0.00

    In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.109, an attacker could determine whether or not another user exists on the instance by deciphering the error response that they would likely receive from the instance…

  • CVE-2024-36994Jul 1, 2024
    risk 0.00cvss epss 0.00

    In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.207, a low-privileged user that does not hold the admin or power Splunk roles could craft a malicious payload through a View and Splunk Web Bulletin…

  • CVE-2024-36989Jul 1, 2024
    risk 0.00cvss epss 0.00

    In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200, a low-privileged user that does not hold the admin or power Splunk roles could create notifications in Splunk Web Bulletin Messages that all users on the instance…

  • CVE-2024-36987Jul 1, 2024
    risk 0.00cvss epss 0.00

    In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200, an authenticated, low-privileged user who does not hold the admin or power Splunk roles could upload a file with an arbitrary extension using the indexing/preview…

  • CVE-2024-29945Mar 27, 2024
    risk 0.00cvss epss 0.01

    In Splunk Enterprise versions below 9.2.1, 9.1.4, and 9.0.9, the software potentially exposes authentication tokens during the token validation process. This exposure happens when either Splunk Enterprise runs in debug mode or the JsonWebToken component has been configured to…

  • CVE-2024-29946Mar 27, 2024
    risk 0.00cvss epss 0.01

    In Splunk Enterprise versions below 9.2.1, 9.1.4, and 9.0.9, the Dashboard Examples Hub lacks protections for risky SPL commands. This could let attackers bypass SPL safeguards for risky commands in the Hub. The vulnerability would require the attacker to phish the victim by…

  • CVE-2023-46230Jan 30, 2024
    risk 0.00cvss epss 0.00

    In Splunk Add-on Builder versions below 4.1.4, the app writes sensitive information to internal log files.

  • CVE-2023-46231Jan 30, 2024
    risk 0.00cvss epss 0.00

    In Splunk Add-on Builder versions below 4.1.4, the application writes user session tokens to its internal log files when you visit the Splunk Add-on Builder or when you build or edit a custom app or add-on.

  • CVE-2024-23678Jan 22, 2024
    risk 0.00cvss epss 0.00

    In Splunk Enterprise for Windows versions below 9.0.8 and 9.1.3, Splunk Enterprise does not correctly sanitize path input data. This results in the unsafe deserialization of untrusted data from a separate disk partition on the machine. This vulnerability only affects Splunk…

  • CVE-2024-23676Jan 22, 2024
    risk 0.00cvss epss 0.00

    In Splunk versions below 9.0.8 and 9.1.3, the “mrollup” SPL command lets a low-privileged user view metrics on an index that they do not have permission to view. This vulnerability requires user interaction from a high-privileged user to exploit.

  • CVE-2024-23677Jan 22, 2024
    risk 0.00cvss epss 0.00

    In Splunk Enterprise versions below 9.0.8, the Splunk RapidDiag utility discloses server responses from external applications in a log file.

  • CVE-2024-23675Jan 22, 2024
    risk 0.00cvss epss 0.00

    In Splunk Enterprise versions below 9.0.8 and 9.1.3, Splunk app key value store (KV Store) improperly handles permissions for users that use the REST application programming interface (API). This can potentially result in the deletion of KV Store collections.

  • CVE-2024-22164Jan 9, 2024
    risk 0.00cvss epss 0.00

    In Splunk Enterprise Security (ES) versions below 7.1.2, an attacker can use investigation attachments to perform a denial of service (DoS) to the Investigation. The attachment endpoint does not properly limit the size of the request which lets an attacker cause the…

  • CVE-2024-22165Jan 9, 2024
    risk 0.00cvss epss 0.01

    In Splunk Enterprise Security (ES) versions lower than 7.1.2, an attacker can create a malformed Investigation to perform a denial of service (DoS). The malformed investigation prevents the generation and rendering of the Investigations manager until it is deleted.The…

  • CVE-2023-46213Nov 16, 2023
    risk 0.00cvss epss 0.00

    In Splunk Enterprise versions below 9.0.7 and 9.1.2, ineffective escaping in the “Show syntax Highlighted” feature can result in the execution of unauthorized code in a user’s web browser.

  • CVE-2023-40597Aug 30, 2023
    risk 0.00cvss epss 0.00

    In Splunk Enterprise versions lower than 8.2.12, 9.0.6, and 9.1.1, an attacker can exploit an absolute path traversal to execute arbitrary code that is located on a separate disk.

  • CVE-2023-40596Aug 30, 2023
    risk 0.00cvss epss 0.00

    In Splunk Enterprise versions earlier than 8.2.12, 9.0.6, and 9.1.1, a dynamic link library (DLL) that ships with Splunk Enterprise references an insecure path for the OPENSSLDIR build definition. An attacker can abuse this reference and subsequently install malicious code to…

  • CVE-2023-40593Aug 30, 2023
    risk 0.00cvss epss 0.00

    In Splunk Enterprise versions lower than 9.0.6 and 8.2.12, a malicious actor can send a malformed security assertion markup language (SAML) request to the `/saml/acs` REST endpoint which can cause a denial of service through a crash or hang of the Splunk daemon.

  • CVE-2023-40594Aug 30, 2023
    risk 0.00cvss epss 0.00

    In Splunk Enterprise versions lower than 8.2.12, 9.0.6, and 9.1.1, an attacker can use the `printf` SPL function to perform a denial of service (DoS) against the Splunk Enterprise instance.