Filtered by vendor Splunk
Subscribe
Total
207 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-36989 | 1 Splunk | 2 Cloud, Splunk | 2024-10-10 | N/A | 4.3 MEDIUM |
| In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200, a low-privileged user that does not hold the admin or power Splunk roles could create notifications in Splunk Web Bulletin Messages that all users on the instance receive. | |||||
| CVE-2024-36993 | 1 Splunk | 2 Splunk, Splunk Cloud Platform | 2024-08-21 | N/A | 5.4 MEDIUM |
| In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.207, a low-privileged user that does not hold the admin or power Splunk roles could craft a malicious payload through a Splunk Web Bulletin Messages that could result in execution of unauthorized JavaScript code in the browser of a user. | |||||
| CVE-2024-36992 | 1 Splunk | 2 Splunk, Splunk Cloud Platform | 2024-08-21 | N/A | 5.4 MEDIUM |
| In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.207, a low-privileged user that does not hold the admin or power Splunk roles could craft a malicious payload through a View that could result in execution of unauthorized JavaScript code in the browser of a user. The “url” parameter of the Dashboard element does not have proper input validation to reject invalid URLs, which could lead to a Persistent Cross-site Scripting (XSS) exploit. | |||||
| CVE-2024-36990 | 1 Splunk | 2 Splunk, Splunk Cloud Platform | 2024-08-21 | N/A | 6.5 MEDIUM |
| In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.2.2403.100, an authenticated, low-privileged user that does not hold the admin or power Splunk roles could send a specially crafted HTTP POST request to the datamodel/web REST endpoint in Splunk Enterprise, potentially causing a denial of service. | |||||
| CVE-2024-36982 | 1 Splunk | 2 Cloud, Splunk | 2024-08-02 | N/A | 7.5 HIGH |
| In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.109 and 9.1.2308.207, an attacker could trigger a null pointer reference on the cluster/config REST endpoint, which could result in a crash of the Splunk daemon. | |||||
| CVE-2024-36986 | 1 Splunk | 2 Cloud, Splunk | 2024-08-02 | N/A | 5.7 MEDIUM |
| In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.207, an authenticated user could run risky commands using the permissions of a higher-privileged user to bypass SPL safeguards for risky commands in the Analytics Workspace. The vulnerability requires the authenticated user to phish the victim by tricking them into initiating a request within their browser. The authenticated user should not be able to exploit the vulnerability at will. | |||||
| CVE-2024-36987 | 1 Splunk | 2 Cloud, Splunk | 2024-08-02 | N/A | 6.5 MEDIUM |
| In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200, an authenticated, low-privileged user who does not hold the admin or power Splunk roles could upload a file with an arbitrary extension using the indexing/preview REST endpoint. | |||||
| CVE-2024-36994 | 1 Splunk | 2 Splunk, Splunk Cloud Platform | 2024-08-02 | N/A | 5.4 MEDIUM |
| In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.207, a low-privileged user that does not hold the admin or power Splunk roles could craft a malicious payload through a View and Splunk Web Bulletin Messages that could result in execution of unauthorized JavaScript code in the browser of a user. | |||||
| CVE-2024-36995 | 1 Splunk | 2 Splunk, Splunk Cloud Platform | 2024-08-02 | N/A | 3.5 LOW |
| In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.207, a low-privileged user that does not hold the admin or power Splunk roles could create experimental items. | |||||
| CVE-2024-29945 | 1 Splunk | 1 Splunk | 2024-04-10 | N/A | 7.2 HIGH |
| In Splunk Enterprise versions below 9.2.1, 9.1.4, and 9.0.9, the software potentially exposes authentication tokens during the token validation process. This exposure happens when either Splunk Enterprise runs in debug mode or the JsonWebToken component has been configured to log its activity at the DEBUG logging level. | |||||
| CVE-2024-23678 | 1 Splunk | 1 Splunk | 2024-04-10 | N/A | 8.8 HIGH |
| In Splunk Enterprise for Windows versions below 9.0.8 and 9.1.3, Splunk Enterprise does not correctly sanitize path input data. This results in the unsafe deserialization of untrusted data from a separate disk partition on the machine. This vulnerability only affects Splunk Enterprise for Windows. | |||||
| CVE-2024-23677 | 1 Splunk | 2 Cloud, Splunk | 2024-04-10 | N/A | 5.3 MEDIUM |
| In Splunk Enterprise versions below 9.0.8, the Splunk RapidDiag utility discloses server responses from external applications in a log file. | |||||
| CVE-2024-23676 | 1 Splunk | 2 Cloud, Splunk | 2024-04-10 | N/A | 3.5 LOW |
| In Splunk versions below 9.0.8 and 9.1.3, the “mrollup” SPL command lets a low-privileged user view metrics on an index that they do not have permission to view. This vulnerability requires user interaction from a high-privileged user to exploit. | |||||
| CVE-2024-23675 | 1 Splunk | 2 Cloud, Splunk | 2024-04-10 | N/A | 6.5 MEDIUM |
| In Splunk Enterprise versions below 9.0.8 and 9.1.3, Splunk app key value store (KV Store) improperly handles permissions for users that use the REST application programming interface (API). This can potentially result in the deletion of KV Store collections. | |||||
| CVE-2024-22165 | 1 Splunk | 1 Enterprise Security | 2024-04-10 | N/A | 6.5 MEDIUM |
| In Splunk Enterprise Security (ES) versions lower than 7.1.2, an attacker can create a malformed Investigation to perform a denial of service (DoS). The malformed investigation prevents the generation and rendering of the Investigations manager until it is deleted.<br>The vulnerability requires an authenticated session and access to create an Investigation. It only affects the availability of the Investigations manager, but without the manager, the Investigations functionality becomes unusable for most users. | |||||
| CVE-2024-22164 | 1 Splunk | 1 Enterprise Security | 2024-04-10 | N/A | 4.3 MEDIUM |
| In Splunk Enterprise Security (ES) versions below 7.1.2, an attacker can use investigation attachments to perform a denial of service (DoS) to the Investigation. The attachment endpoint does not properly limit the size of the request which lets an attacker cause the Investigation to become inaccessible. | |||||
| CVE-2023-46231 | 1 Splunk | 1 Add-on Builder | 2024-04-10 | N/A | 7.2 HIGH |
| In Splunk Add-on Builder versions below 4.1.4, the application writes user session tokens to its internal log files when you visit the Splunk Add-on Builder or when you build or edit a custom app or add-on. | |||||
| CVE-2023-46230 | 1 Splunk | 1 Add-on Builder | 2024-04-10 | N/A | 4.9 MEDIUM |
| In Splunk Add-on Builder versions below 4.1.4, the app writes sensitive information to internal log files. | |||||
| CVE-2023-46214 | 1 Splunk | 2 Cloud, Splunk | 2024-04-10 | N/A | 8.8 HIGH |
| In Splunk Enterprise versions below 9.0.7 and 9.1.2, Splunk Enterprise does not safely sanitize extensible stylesheet language transformations (XSLT) that users supply. This means that an attacker can upload malicious XSLT which can result in remote code execution on the Splunk Enterprise instance. | |||||
| CVE-2023-46213 | 1 Splunk | 2 Cloud, Splunk | 2024-04-10 | N/A | 4.8 MEDIUM |
| In Splunk Enterprise versions below 9.0.7 and 9.1.2, ineffective escaping in the “Show syntax Highlighted” feature can result in the execution of unauthorized code in a user’s web browser. | |||||