Vulnerabilities > Splunk
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-31 | CVE-2023-3997 | Improper Encoding or Escaping of Output vulnerability in Splunk Soar 6.0.1.123902 Splunk SOAR versions lower than 6.1.0 are indirectly affected by a potential vulnerability accessed through the user’s terminal. | 7.8 |
| 2023-06-01 | CVE-2023-32706 | XXE vulnerability in Splunk and Splunk Cloud Platform On Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, an unauthenticated attacker can send specially-crafted messages to the XML parser within SAML authentication to cause a denial of service in the Splunk daemon. | 6.5 |
| 2023-06-01 | CVE-2023-32707 | Unspecified vulnerability in Splunk and Splunk Cloud Platform In versions of Splunk Enterprise below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform below version 9.0.2303.100, a low-privileged user who holds a role that has the ‘edit_user’ capability assigned to it can escalate their privileges to that of the admin user by providing specially crafted web requests. | 8.8 |
| 2023-06-01 | CVE-2023-32708 | Interpretation Conflict vulnerability in Splunk and Splunk Cloud Platform In Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform versions below 9.0.2303.100, a low-privileged user can trigger an HTTP response splitting vulnerability with the ‘rest’ SPL command that lets them potentially access other REST endpoints in the system arbitrarily. | 8.8 |
| 2023-06-01 | CVE-2023-32709 | Unspecified vulnerability in Splunk and Splunk Cloud Platform In Splunk Enterprise versions below 9.0.5, 8.2.11. | 4.3 |
| 2023-06-01 | CVE-2023-32710 | Unspecified vulnerability in Splunk and Splunk Cloud Platform In Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, and in Splunk Cloud Platform versions below 9.0.2303.100, a low-privileged user can perform an unauthorized transfer of data from a search using the ‘copyresults’ command if they know the search ID (SID) of a search job that has recently run. | 5.3 |
| 2023-06-01 | CVE-2023-32711 | Cross-site Scripting vulnerability in Splunk In Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, a Splunk dashboard view lets a low-privileged user exploit a vulnerability in the Bootstrap web framework (CVE-2019-8331) and build a stored cross-site scripting (XSS) payload. | 5.4 |
| 2023-06-01 | CVE-2023-32712 | Improper Encoding or Escaping of Output vulnerability in Splunk In Splunk Enterprise versions below 9.1.0.2, 9.0.5.1, and 8.2.11.2, an attacker can inject American National Standards Institute (ANSI) escape codes into Splunk log files that, when a vulnerable terminal application reads them, can potentially, at worst, result in possible code execution in the vulnerable application. | 3.1 |
| 2023-06-01 | CVE-2023-32713 | Improper Privilege Management vulnerability in Splunk APP for Stream In Splunk App for Stream versions below 8.1.1, a low-privileged user could use a vulnerability in the streamfwd process within the Splunk App for Stream to escalate their privileges on the machine that runs the Splunk Enterprise instance, up to and including the root user. | 9.9 |
| 2023-06-01 | CVE-2023-32714 | Path Traversal vulnerability in Splunk and Splunk APP for Lookup File Editing In the Splunk App for Lookup File Editing versions below 4.0.1, a low-privileged user can, with a specially crafted web request, trigger a path traversal exploit that can then be used to read and write to restricted areas of the Splunk installation directory. | 8.1 |