Vulnerabilities > Splunk > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-10-14 CVE-2024-45732 Missing Authorization vulnerability in Splunk and Splunk Cloud Platform
In Splunk Enterprise versions below 9.3.1, and 9.2.0 versions below 9.2.3, and Splunk Cloud Platform versions below 9.2.2403.103, 9.1.2312.200, 9.1.2312.110 and 9.1.2308.208, a low-privileged user that does not hold the "admin" or "power" Splunk roles could run a search as the "nobody" Splunk user in the SplunkDeploymentServerConfig app.
network
low complexity
splunk CWE-862
6.5
2024-10-14 CVE-2024-45734 Unspecified vulnerability in Splunk
In Splunk Enterprise versions 9.3.0, 9.2.3, and 9.1.6, a low-privileged user that does not hold the "admin" or "power" Splunk roles could view images on the machine that runs Splunk Enterprise by using the PDF export feature in Splunk classic dashboards.
network
low complexity
splunk
4.3
2024-10-14 CVE-2024-45735 Unspecified vulnerability in Splunk and Splunk Cloud Platform
In Splunk Enterprise versions below 9.2.3 and 9.1.6, and Splunk Secure Gateway versions on Splunk Cloud Platform versions below 3.4.259, 3.6.17, and 3.7.0, a low-privileged user that does not hold the "admin" or "power" Splunk roles can see App Key Value Store (KV Store) deployment configuration and public/private keys in the Splunk Secure Gateway App.
network
low complexity
splunk
4.3
2024-10-14 CVE-2024-45736 Unspecified vulnerability in Splunk and Splunk Cloud Platform
In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.107, 9.1.2312.204, and 9.1.2312.111, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a search query with an improperly formatted "INGEST_EVAL" parameter as part of a [Field Transformation](https://docs.splunk.com/Documentation/Splunk/latest/Knowledge/Managefieldtransforms) which could crash the Splunk daemon (splunkd).
network
low complexity
splunk
6.5
2024-10-14 CVE-2024-45738 Information Exposure Through Log Files vulnerability in Splunk
In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes sensitive HTTP parameters to the `_internal` index.
network
low complexity
splunk CWE-532
4.9
2024-10-14 CVE-2024-45739 Information Exposure Through Log Files vulnerability in Splunk
In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes plaintext passwords for local native authentication Splunk users.
network
low complexity
splunk CWE-532
4.9
2024-10-14 CVE-2024-45740 Cross-site Scripting vulnerability in Splunk and Splunk Cloud Platform
In Splunk Enterprise versions below 9.2.3 and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a malicious payload through Scheduled Views that could result in execution of unauthorized JavaScript code in the browser of a user.
network
low complexity
splunk CWE-79
5.4
2024-10-14 CVE-2024-45741 Cross-site Scripting vulnerability in Splunk and Splunk Cloud Platform
In Splunk Enterprise versions below 9.2.3 and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.108 and 9.1.2312.205, a low-privileged user that does not hold the "admin" or "power" Splunk roles could create a malicious payload through a custom configuration file that the "api.uri" parameter from the "/manager/search/apps/local" endpoint in Splunk Web calls.
network
low complexity
splunk CWE-79
5.4
2024-07-01 CVE-2024-36986 Unspecified vulnerability in Splunk Cloud and Splunk
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.207, an authenticated user could run risky commands using the permissions of a higher-privileged user to bypass SPL safeguards for risky commands in the Analytics Workspace.
network
low complexity
splunk
5.7
2024-07-01 CVE-2024-36987 Unrestricted Upload of File with Dangerous Type vulnerability in Splunk Cloud and Splunk
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200, an authenticated, low-privileged user who does not hold the admin or power Splunk roles could upload a file with an arbitrary extension using the indexing/preview REST endpoint.
network
low complexity
splunk CWE-434
6.5