Vulnerabilities > Splunk > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-30 | CVE-2023-40598 | Missing Authentication for Critical Function vulnerability in Splunk In Splunk Enterprise versions below 8.2.12, 9.0.6, and 9.1.1, an attacker can create an external lookup that calls a legacy internal function. | 8.8 |
| 2023-08-30 | CVE-2023-4571 | Improper Encoding or Escaping of Output vulnerability in Splunk IT Service Intelligence In Splunk IT Service Intelligence (ITSI) versions below below 4.13.3, 4.15.3, or 4.17.1, a malicious actor can inject American National Standards Institute (ANSI) escape codes into Splunk ITSI log files that, when a vulnerable terminal application reads them, can run malicious code in the vulnerable application. | 8.6 |
| 2023-07-31 | CVE-2023-3997 | Improper Encoding or Escaping of Output vulnerability in Splunk Soar 6.0.1.123902 Splunk SOAR versions lower than 6.1.0 are indirectly affected by a potential vulnerability accessed through the user’s terminal. | 7.8 |
| 2023-06-01 | CVE-2023-32707 | Unspecified vulnerability in Splunk and Splunk Cloud Platform In versions of Splunk Enterprise below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform below version 9.0.2303.100, a low-privileged user who holds a role that has the ‘edit_user’ capability assigned to it can escalate their privileges to that of the admin user by providing specially crafted web requests. | 8.8 |
| 2023-06-01 | CVE-2023-32708 | Interpretation Conflict vulnerability in Splunk and Splunk Cloud Platform In Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform versions below 9.0.2303.100, a low-privileged user can trigger an HTTP response splitting vulnerability with the ‘rest’ SPL command that lets them potentially access other REST endpoints in the system arbitrarily. | 8.8 |
| 2023-06-01 | CVE-2023-32714 | Path Traversal vulnerability in Splunk and Splunk APP for Lookup File Editing In the Splunk App for Lookup File Editing versions below 4.0.1, a low-privileged user can, with a specially crafted web request, trigger a path traversal exploit that can then be used to read and write to restricted areas of the Splunk installation directory. | 8.1 |
| 2023-03-30 | CVE-2023-27533 | Injection vulnerability in multiple products A vulnerability in input validation exists in curl <8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously crafted user name and "telnet options" during server negotiation. | 8.8 |
| 2023-03-30 | CVE-2023-27534 | Path Traversal vulnerability in multiple products A path traversal vulnerability exists in curl <8.0.0 SFTP implementation causes the tilde (~) character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user's home directory. | 8.8 |
| 2023-02-14 | CVE-2023-22934 | Unspecified vulnerability in Splunk and Splunk Cloud Platform In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘pivot’ search processing language (SPL) command lets a search bypass SPL safeguards for risky commands using a saved search job. | 8.0 |
| 2023-02-14 | CVE-2023-22935 | Command Injection vulnerability in Splunk and Splunk Cloud Platform In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘display.page.search.patterns.sensitivity’ search parameter lets a search bypass SPL safeguards for risky commands. | 8.8 |