splunk
284 tracked vulnerabilities.
CVE-2016-4857
MEDIUM
Splunk Enterprise 6.2.x-6.4.x and Splunk Light < 6.4.2 - Open Redirect
May 12, 2017
CVSS 6.1
EPSS 0.01
CVE-2016-4856
MEDIUM
Splunk Enterprise 6.3.x < 6.3.5 and Splunk Light 6.3.x < 6.3.5 - Authenticated Cross-Site Scripting
May 12, 2017
CVSS 4.8
EPSS 0.01
CVE-2016-10126
CRITICAL
Splunk Enterprise 5.0.x-6.4.x - HTTP Request Injection and Authentication Token Exposure
Jan 10, 2017
CVSS 9.8
EPSS 0.04
CVE-2015-7604
Splunk Enterprise 6.2.x < 6.2.6 and Splunk Light 6.2.x < 6.2.6 - Cross-Site Scripting
Sep 29, 2015
EPSS 0.01
CVE-2015-6515
Splunk Enterprise 5.0.x-6.2.x and Splunk Light 6.2.x - Cross-Site Scripting via Header
Aug 18, 2015
EPSS 0.01
CVE-2015-6514
Splunk Enterprise 6.2.x < 6.2.4 and Splunk Light 6.2.x < 6.2.4 - Authenticated Cross-Site Scripting
Aug 18, 2015
EPSS 0.01
CVE-2014-5466
Splunk Enterprise 6.1.x < 6.1.4, 6.0.x < 6.0.7, 5.0.x < 5.0.10 - Cross-Site Scripting in Dashboard
Dec 16, 2014
EPSS 0.01
CVE-2014-8380
Splunk 6.1.1 - Cross-Site Scripting via HTTP Referer Header
Oct 21, 2014
EPSS 0.03
CVE-2014-8303
Splunk Enterprise 6.0.x-6.1.x - Cross-Site Scripting via Event Parsing
Oct 16, 2014
EPSS 0.01
CVE-2014-8302
Splunk Enterprise 5.0.x-6.1.x - Cross-Site Scripting via Dashboard
Oct 16, 2014
EPSS 0.01
CVE-2014-8301
Splunk Enterprise 5.0.x - Cross-Site Scripting via HTTP Referer Header
Oct 16, 2014
EPSS 0.01
CVE-2014-3147
Splunk < 6.0.4 - Authenticated Cross-Site Scripting via Auto-Complete Feature
Oct 10, 2014
EPSS 0.01
CVE-2014-5198
Splunk Enterprise 6.1.x - Cross-Site Scripting via Referer HTTP Header
Aug 12, 2014
EPSS 0.02
CVE-2014-5197
Splunk Enterprise 6.1.x - Authenticated Path Traversal via URI
Aug 12, 2014
EPSS 0.02
CVE-2014-0160
HIGH
KEVNUCLEI
OpenSSL 1.0.1-1.0.1f - Out-of-bounds Read via Heartbeat Extension
Apr 07, 2014
CVSS 7.5
EPSS 1.00
CVE-2014-2578
Splunk < 5.0.8 - Cross-Site Scripting
Apr 02, 2014
EPSS 0.02
CVE-2013-6773
HIGH
Splunk 5.0-5.0.3 - Privilege Escalation via Unquoted Service Path
Jan 23, 2020
CVSS 7.8
EPSS 0.00
CVE-2013-6772
MEDIUM
Splunk < 5.0.4 - Clickjacking via Missing X-Frame-Options Header
Jan 23, 2020
CVSS 4.3
EPSS 0.01
CVE-2013-7394
Splunk < 5.0.5 - Authenticated Remote Code Execution via runshellscript echo.sh
Aug 07, 2014
EPSS 0.02
CVE-2013-6771
Splunk < 5.0.5 - Remote Command Execution via Collect Script File Parameter
Aug 07, 2014
EPSS 0.05
CVE-2013-6870
Splunk < 5.0.6 - Cross-Site Scripting
Nov 25, 2013
EPSS 0.02
CVE-2013-2766
Splunk 4.3.0-4.3.5 - Cross-Site Scripting
Apr 10, 2013
EPSS 0.02
CVE-2012-6447
Splunk 5.0.0-5.0.2 - Cross-Site Scripting
Jan 23, 2014
EPSS 0.02
CVE-2012-1908
Splunk 4.0-4.3 - Cross-Site Scripting
Aug 17, 2012
EPSS 0.01
CVE-2011-4778
Splunk 4.2.x - Cross-Site Scripting
Jan 03, 2012
EPSS 0.01
Products
splunk 201
splunk_cloud_platform 106
universal_forwarder 61
Splunk Enterprise 16
Splunk Cloud Platform 14
cloud 9
splunk_secure_gateway 5
Splunk AI Toolkit 3
Splunk Secure Gateway 3
add-on_builder 3
ai_toolkit 3
splunk_app_for_lookup_file_editing 3
Splunk MCP Server 2
enterprise_security 2
Splunk Add-on for Palo Alto Networks 1
Splunk App for SOAR 1
Splunk SOAR 1
Splunk Supporting Add-on for Active Directory 1
cloudconnect_software_development_kit 1
hadoop_connect 1
it_service_intelligence 1
nozzle 1
soar 1
software_development_kit 1
splunk_app_for_stream 1
Quick Filters