splunk
284 tracked vulnerabilities.
CVE-2023-32712
HIGH
Splunk Enterprise <9.1.0.2, <9.0.5.1, <8.2.11.2 - Code Injection
Jun 01, 2023
CVSS 8.6
EPSS 0.00
CVE-2023-32711
MEDIUM
Splunk 8.1.0-8.1.13 - Stored Cross-Site Scripting via Bootstrap Framework
Jun 01, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-32710
MEDIUM
Splunk Enterprise <9.0.5, <8.2.11, <8.1.14 & Splunk Cloud <9.0.2303.100 - Unauthorized Data Exposure
Jun 01, 2023
CVSS 4.8
EPSS 0.00
CVE-2023-32709
MEDIUM
Splunk < 9.0.5, 8.2.11, 8.1.14 & Splunk Cloud < 9.0.2303.100 - Unauthorized Access to Hashed Credentials
Jun 01, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-32708
HIGH
Splunk Enterprise < 9.0.5, < 8.2.11, < 8.1.14 and Splunk Cloud Platform < 9.0.2303.100 - HTTP Response Splitting
Jun 01, 2023
CVSS 7.2
EPSS 0.01
CVE-2023-32707
HIGH
Splunk Enterprise <9.0.5 - Privilege Escalation
Jun 01, 2023
CVSS 8.8
EPSS 0.74
CVE-2023-32706
HIGH
Splunk < 9.0.5, 8.2.11, 8.1.14 - Unauthenticated Denial of Service via SAML XML Parser
Jun 01, 2023
CVSS 7.7
EPSS 0.01
CVE-2023-27538
MEDIUM
libcurl < 8.0.0 - Authentication Bypass via SSH Connection Reuse
Mar 30, 2023
CVSS 5.5
EPSS 0.01
CVE-2023-27537
MEDIUM
libcurl < 8.0.0 - Double Free via HSTS Data Sharing
Mar 30, 2023
CVSS 5.9
EPSS 0.02
CVE-2023-27536
MEDIUM
libcurl < 8.0.0 - Authentication Bypass via Connection Reuse
Mar 30, 2023
CVSS 5.9
EPSS 0.02
CVE-2023-27535
MEDIUM
libcurl < 8.0.0 - Authentication Bypass via FTP Connection Reuse
Mar 30, 2023
CVSS 5.9
EPSS 0.02
CVE-2023-27534
HIGH
curl < 8.0.0 - Path Traversal via SFTP Tilde Character Handling
Mar 30, 2023
CVSS 8.8
EPSS 0.02
CVE-2023-27533
HIGH
curl < 8.0 - Remote Code Execution via TELNET Protocol Input Validation
Mar 30, 2023
CVSS 8.8
EPSS 0.02
CVE-2023-23916
MEDIUM
curl 7.57.0-7.87.0 - Denial of Service via HTTP Compression Header Chain
Feb 23, 2023
CVSS 6.5
EPSS 0.02
CVE-2023-23915
MEDIUM
curl 7.77.0-7.87.0 - Cleartext Transmission of Sensitive Information via HSTS Cache Overwrite
Feb 23, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-23914
CRITICAL
curl < 7.88.0 - Cleartext Transmission of Sensitive Information via HSTS State Mismanagement
Feb 23, 2023
CVSS 9.1
EPSS 0.01
CVE-2023-22943
MEDIUM
Splunk AoB <4.1.2 & Splunk CloudConnect SDK <3.1.3 - Info Disclosure
Feb 14, 2023
CVSS 4.8
EPSS 0.00
CVE-2023-22942
MEDIUM
Splunk 8.1.0-8.1.12 - Cross-Site Request Forgery in Splunk Secure Gateway KV Store Endpoint
Feb 14, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-22941
MEDIUM
Splunk Enterprise <8.1.13, 8.2.10, 9.0.4 - DoS
Feb 14, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-22940
MEDIUM
Splunk Enterprise < 8.1.13, 8.2.10, 9.0.4 - Unauthorized Data Exposure via SPL Command Aliases
Feb 14, 2023
CVSS 6.3
EPSS 0.00
CVE-2023-22939
HIGH
Splunk Enterprise < 8.1.13, 8.2.10, 9.0.4 - Authenticated SPL Safeguard Bypass via Map Command
Feb 14, 2023
CVSS 8.1
EPSS 0.01
CVE-2023-22938
MEDIUM
Splunk Enterprise < 8.1.13, < 8.2.10, < 9.0.4 - Authenticated Email Spoofing via sendemail REST Endpoint
Feb 14, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-22937
MEDIUM
Splunk < 8.1.13 - Improper Input Validation
Feb 14, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-22936
MEDIUM
Splunk Enterprise < 8.1.13, 8.2.10, 9.0.4 & Splunk Cloud < 9.0.2209.3 - SSRF via search_listener
Feb 14, 2023
CVSS 6.3
EPSS 0.00
CVE-2023-22935
HIGH
Splunk Enterprise < 8.1.13, 8.2.10, 9.0.4 - Authenticated SPL Safeguard Bypass via Search Parameter
Feb 14, 2023
CVSS 8.1
EPSS 0.01
Products
splunk 201
splunk_cloud_platform 106
universal_forwarder 61
Splunk Enterprise 16
Splunk Cloud Platform 14
cloud 9
splunk_secure_gateway 5
Splunk AI Toolkit 3
Splunk Secure Gateway 3
add-on_builder 3
ai_toolkit 3
splunk_app_for_lookup_file_editing 3
Splunk MCP Server 2
enterprise_security 2
Splunk Add-on for Palo Alto Networks 1
Splunk App for SOAR 1
Splunk SOAR 1
Splunk Supporting Add-on for Active Directory 1
cloudconnect_software_development_kit 1
hadoop_connect 1
it_service_intelligence 1
nozzle 1
soar 1
software_development_kit 1
splunk_app_for_stream 1
Quick Filters