splunk

272 tracked vulnerabilities.

CVE-2023-40598 HIGH
Splunk Enterprise <8.2.12, 9.0.6, 9.1.1 - Code Injection
Aug 30, 2023
CVSS 8.5
EPSS 0.00
CVE-2023-40597 HIGH
Splunk Enterprise <8.2.12, 9.0.6, 9.1.1 - Path Traversal
Aug 30, 2023
CVSS 7.8
EPSS 0.00
CVE-2023-40596 HIGH
Splunk Enterprise <8.2.12-9.1.1 - Privilege Escalation
Aug 30, 2023
CVSS 7.0
EPSS 0.00
CVE-2023-40595 HIGH
Splunk Enterprise <8.2.12, 9.0.6, 9.1.1 - Code Injection
Aug 30, 2023
CVSS 8.8
EPSS 0.00
CVE-2023-40594 MEDIUM
Splunk Enterprise <8.2.12,9.0.6,9.1.1 - DoS
Aug 30, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-40593 MEDIUM
Splunk Enterprise <9.0.6-8.2.12 - DoS
Aug 30, 2023
CVSS 6.3
EPSS 0.00
CVE-2023-40592 HIGH
Splunk Enterprise <9.1.1, 9.0.6, 8.2.12 - XSS
Aug 30, 2023
CVSS 8.4
EPSS 0.00
CVE-2023-3997 HIGH
Splunk SOAR <6.1.0 - Code Injection
Jul 31, 2023
CVSS 8.6
EPSS 0.00
CVE-2023-32717 MEDIUM
Splunk Enterprise < 9.0.5, 8.2.11, 8.1.14 & Splunk Cloud < 9.0.2303.100 - Unauthorized Search Result Overwrite
Jun 01, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-32716 MEDIUM
Splunk Enterprise < 9.0.5, 8.2.11, 8.1.14 & Splunk Cloud < 9.0.2303.100 - DoS via {{dump}} SPL Command
Jun 01, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-32715 MEDIUM
Splunk App for Lookup File Editing < 4.0.1 - Stored Cross-Site Scripting
Jun 01, 2023
CVSS 4.7
EPSS 0.00
CVE-2023-32714 HIGH
Splunk App for Lookup File Editing < 4.0.1 - Path Traversal and Arbitrary File Write
Jun 01, 2023
CVSS 8.1
EPSS 0.21
CVE-2023-32713 HIGH
Splunk App for Stream < 8.1.1 - Privilege Escalation via streamfwd Process
Jun 01, 2023
CVSS 7.8
EPSS 0.00
CVE-2023-32712 HIGH
Splunk Enterprise <9.1.0.2, <9.0.5.1, <8.2.11.2 - Code Injection
Jun 01, 2023
CVSS 8.6
EPSS 0.00
CVE-2023-32711 MEDIUM
Splunk 8.1.0-8.1.13 - Stored Cross-Site Scripting via Bootstrap Framework
Jun 01, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-32710 MEDIUM
Splunk Enterprise <9.0.5, <8.2.11, <8.1.14 & Splunk Cloud <9.0.2303.100 - Unauthorized Data Exposure
Jun 01, 2023
CVSS 4.8
EPSS 0.00
CVE-2023-32709 MEDIUM
Splunk < 9.0.5, 8.2.11, 8.1.14 & Splunk Cloud < 9.0.2303.100 - Unauthorized Access to Hashed Credentials
Jun 01, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-32708 HIGH
Splunk Enterprise < 9.0.5, < 8.2.11, < 8.1.14 and Splunk Cloud Platform < 9.0.2303.100 - HTTP Response Splitting
Jun 01, 2023
CVSS 7.2
EPSS 0.00
CVE-2023-32707 HIGH
Splunk Enterprise <9.0.5 - Privilege Escalation
Jun 01, 2023
CVSS 8.8
EPSS 0.83
CVE-2023-32706 HIGH
Splunk < 9.0.5, 8.2.11, 8.1.14 - Unauthenticated Denial of Service via SAML XML Parser
Jun 01, 2023
CVSS 7.7
EPSS 0.00
CVE-2023-27538 MEDIUM
libcurl < 8.0.0 - Authentication Bypass via SSH Connection Reuse
Mar 30, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-27537 MEDIUM
libcurl < 8.0.0 - Double Free via HSTS Data Sharing
Mar 30, 2023
CVSS 5.9
EPSS 0.00
CVE-2023-27536 MEDIUM
libcurl < 8.0.0 - Authentication Bypass via Connection Reuse
Mar 30, 2023
CVSS 5.9
EPSS 0.00
CVE-2023-27535 MEDIUM
libcurl < 8.0.0 - Authentication Bypass via FTP Connection Reuse
Mar 30, 2023
CVSS 5.9
EPSS 0.00
CVE-2023-27534 HIGH
curl < 8.0.0 - Path Traversal via SFTP Tilde Character Handling
Mar 30, 2023
CVSS 8.8
EPSS 0.00
Products
splunk 192 splunk_cloud_platform 98 universal_forwarder 61 cloud 9 Splunk Enterprise 7 Splunk Cloud Platform 5 splunk_secure_gateway 4 add-on_builder 3 splunk_app_for_lookup_file_editing 3 Splunk MCP Server 2 Splunk Secure Gateway 2 enterprise_security 2 Splunk AI Toolkit 1 Splunk Add-on for Palo Alto Networks 1 Splunk App for SOAR 1 Splunk Supporting Add-on for Active Directory 1 cloudconnect_software_development_kit 1 hadoop_connect 1 it_service_intelligence 1 nozzle 1 soar 1 software_development_kit 1 splunk_app_for_stream 1
Quick Filters
Critical CVEs With Exploits In CISA KEV