splunk

284 tracked vulnerabilities.

CVE-2024-29945 HIGH
Splunk Enterprise <9.2.1-9.0.9 - Info Disclosure
Mar 27, 2024
CVSS 7.2
EPSS 0.01
CVE-2024-23678 HIGH
Splunk Enterprise for Windows 9.0.0-9.0.8 - Unsafe Deserialization via Path Input
Jan 22, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-23677 MEDIUM
Splunk Cloud < 9.0.2208 and Splunk Enterprise 9.0.0-9.0.8 - Sensitive Information Disclosure in RapidDiag Log File
Jan 22, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-23676 MEDIUM
Splunk Cloud < 9.1.2308.200 and Splunk 9.0.0-9.0.8 - Unauthorized Metrics Access via mrollup SPL Command
Jan 22, 2024
CVSS 4.6
EPSS 0.00
CVE-2024-23675 MEDIUM
Splunk Cloud < 9.1.2312.100 and Splunk Enterprise 9.0.0-9.0.8 - Improper Access Control in KV Store REST API
Jan 22, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-22165 MEDIUM
Splunk Enterprise Security < 7.1.2 - Authenticated Denial of Service via Malformed Investigation
Jan 09, 2024
CVSS 6.5
EPSS 0.01
CVE-2024-22164 MEDIUM
Splunk Enterprise Security < 7.1.2 - Denial of Service via Investigation Attachment Endpoint
Jan 09, 2024
CVSS 4.3
EPSS 0.00
CVE-2023-46231 MEDIUM
Splunk Add-on Builder <4.1.4 - Info Disclosure
Jan 30, 2024
CVSS 6.8
EPSS 0.00
CVE-2023-46230 HIGH
Splunk Add-on Builder <4.1.4 - Info Disclosure
Jan 30, 2024
CVSS 8.2
EPSS 0.00
CVE-2023-46214 HIGH
Splunk Enterprise <9.0.7-9.1.2 - RCE
Nov 16, 2023
CVSS 8.0
EPSS 0.89
CVE-2023-46213 MEDIUM
Splunk Enterprise <9.0.7-9.1.2 - Code Injection
Nov 16, 2023
CVSS 4.8
EPSS 0.00
CVE-2023-4571 HIGH
Splunk IT Service Intelligence <4.13.3, 4.15.3, 4.17.1 - Code Injec...
Aug 30, 2023
CVSS 8.6
EPSS 0.00
CVE-2023-40598 HIGH
Splunk Enterprise <8.2.12, 9.0.6, 9.1.1 - Code Injection
Aug 30, 2023
CVSS 8.5
EPSS 0.01
CVE-2023-40597 HIGH
Splunk Enterprise <8.2.12, 9.0.6, 9.1.1 - Path Traversal
Aug 30, 2023
CVSS 7.8
EPSS 0.00
CVE-2023-40596 HIGH
Splunk Enterprise <8.2.12-9.1.1 - Privilege Escalation
Aug 30, 2023
CVSS 7.0
EPSS 0.00
CVE-2023-40595 HIGH
Splunk Enterprise <8.2.12, 9.0.6, 9.1.1 - Code Injection
Aug 30, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-40594 MEDIUM
Splunk Enterprise <8.2.12,9.0.6,9.1.1 - DoS
Aug 30, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-40593 MEDIUM
Splunk Enterprise <9.0.6-8.2.12 - DoS
Aug 30, 2023
CVSS 6.3
EPSS 0.00
CVE-2023-40592 HIGH
Splunk Enterprise <9.1.1, 9.0.6, 8.2.12 - XSS
Aug 30, 2023
CVSS 8.4
EPSS 0.01
CVE-2023-3997 HIGH
Splunk SOAR <6.1.0 - Code Injection
Jul 31, 2023
CVSS 8.6
EPSS 0.00
CVE-2023-32717 MEDIUM
Splunk Enterprise < 9.0.5, 8.2.11, 8.1.14 & Splunk Cloud < 9.0.2303.100 - Unauthorized Search Result Overwrite
Jun 01, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-32716 MEDIUM
Splunk Enterprise < 9.0.5, 8.2.11, 8.1.14 & Splunk Cloud < 9.0.2303.100 - DoS via {{dump}} SPL Command
Jun 01, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-32715 MEDIUM
Splunk App for Lookup File Editing < 4.0.1 - Stored Cross-Site Scripting
Jun 01, 2023
CVSS 4.7
EPSS 0.00
CVE-2023-32714 HIGH
Splunk App for Lookup File Editing < 4.0.1 - Path Traversal and Arbitrary File Write
Jun 01, 2023
CVSS 8.1
EPSS 0.43
CVE-2023-32713 HIGH
Splunk App for Stream < 8.1.1 - Privilege Escalation via streamfwd Process
Jun 01, 2023
CVSS 7.8
EPSS 0.00