Vulnerabilities > Splunk

DATE CVE VULNERABILITY TITLE RISK
2024-10-14 CVE-2024-45738 Information Exposure Through Log Files vulnerability in Splunk
In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes sensitive HTTP parameters to the `_internal` index.
network
low complexity
splunk CWE-532
4.9
2024-10-14 CVE-2024-45739 Information Exposure Through Log Files vulnerability in Splunk
In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes plaintext passwords for local native authentication Splunk users.
network
low complexity
splunk CWE-532
4.9
2024-10-14 CVE-2024-45740 Cross-site Scripting vulnerability in Splunk and Splunk Cloud Platform
In Splunk Enterprise versions below 9.2.3 and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a malicious payload through Scheduled Views that could result in execution of unauthorized JavaScript code in the browser of a user.
network
low complexity
splunk CWE-79
5.4
2024-10-14 CVE-2024-45741 Cross-site Scripting vulnerability in Splunk and Splunk Cloud Platform
In Splunk Enterprise versions below 9.2.3 and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.108 and 9.1.2312.205, a low-privileged user that does not hold the "admin" or "power" Splunk roles could create a malicious payload through a custom configuration file that the "api.uri" parameter from the "/manager/search/apps/local" endpoint in Splunk Web calls.
network
low complexity
splunk CWE-79
5.4
2024-07-01 CVE-2024-36982 NULL Pointer Dereference vulnerability in Splunk Cloud and Splunk
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.109 and 9.1.2308.207, an attacker could trigger a null pointer reference on the cluster/config REST endpoint, which could result in a crash of the Splunk daemon.
network
low complexity
splunk CWE-476
7.5
2024-07-01 CVE-2024-36983 Command Injection vulnerability in Splunk and Splunk Cloud Platform
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.109 and 9.1.2308.207, an authenticated user could create an external lookup that calls a legacy internal function.
network
low complexity
splunk CWE-77
8.8
2024-07-01 CVE-2024-36984 Deserialization of Untrusted Data vulnerability in Splunk
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 on Windows, an authenticated user could execute a specially crafted query that they could then use to serialize untrusted data.
network
low complexity
splunk CWE-502
8.8
2024-07-01 CVE-2024-36985 Unspecified vulnerability in Splunk
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10, a low-privileged user that does not hold the admin or power Splunk roles could cause a Remote Code Execution through an external lookup that references the “splunk_archiver“ application.
network
low complexity
splunk
8.8
2024-07-01 CVE-2024-36986 Unspecified vulnerability in Splunk Cloud and Splunk
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.207, an authenticated user could run risky commands using the permissions of a higher-privileged user to bypass SPL safeguards for risky commands in the Analytics Workspace.
network
low complexity
splunk
5.7
2024-07-01 CVE-2024-36987 Unrestricted Upload of File with Dangerous Type vulnerability in Splunk Cloud and Splunk
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200, an authenticated, low-privileged user who does not hold the admin or power Splunk roles could upload a file with an arbitrary extension using the indexing/preview REST endpoint.
network
low complexity
splunk CWE-434
6.5