Vulnerabilities > Splunk > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-01-09 CVE-2024-22165 Unspecified vulnerability in Splunk Enterprise Security 7.1.0/7.1.1
In Splunk Enterprise Security (ES) versions lower than 7.1.2, an attacker can create a malformed Investigation to perform a denial of service (DoS).
network
low complexity
splunk
6.5
2023-11-16 CVE-2023-46213 Cross-site Scripting vulnerability in Splunk Cloud and Splunk
In Splunk Enterprise versions below 9.0.7 and 9.1.2, ineffective escaping in the “Show syntax Highlighted” feature can result in the execution of unauthorized code in a user’s web browser.
network
low complexity
splunk CWE-79
4.8
2023-08-30 CVE-2023-40592 Cross-site Scripting vulnerability in Splunk and Splunk Cloud Platform
In Splunk Enterprise versions below 9.1.1, 9.0.6, and 8.2.12, an attacker can craft a special web request that can result in reflected cross-site scripting (XSS) on the “/app/search/table” web endpoint.
network
low complexity
splunk CWE-79
6.1
2023-06-01 CVE-2023-32706 XXE vulnerability in Splunk and Splunk Cloud Platform
On Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, an unauthenticated attacker can send specially-crafted messages to the XML parser within SAML authentication to cause a denial of service in the Splunk daemon.
network
low complexity
splunk CWE-611
6.5
2023-06-01 CVE-2023-32709 Unspecified vulnerability in Splunk and Splunk Cloud Platform
In Splunk Enterprise versions below 9.0.5, 8.2.11.
network
low complexity
splunk
4.3
2023-06-01 CVE-2023-32710 Unspecified vulnerability in Splunk and Splunk Cloud Platform
In Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, and in Splunk Cloud Platform versions below 9.0.2303.100, a low-privileged user can perform an unauthorized transfer of data from a search using the ‘copyresults’ command if they know the search ID (SID) of a search job that has recently run.
network
high complexity
splunk
5.3
2023-06-01 CVE-2023-32711 Cross-site Scripting vulnerability in Splunk
In Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, a Splunk dashboard view lets a low-privileged user exploit a vulnerability in the Bootstrap web framework (CVE-2019-8331) and build a stored cross-site scripting (XSS) payload.
network
low complexity
splunk CWE-79
5.4
2023-06-01 CVE-2023-32715 Cross-site Scripting vulnerability in Splunk APP for Lookup File Editing
In the Splunk App for Lookup File Editing versions below 4.0.1, a user can insert potentially malicious JavaScript code into the app, which causes that code to run on the user’s machine.
network
low complexity
splunk CWE-79
6.1
2023-06-01 CVE-2023-32716 Improper Check for Unusual or Exceptional Conditions vulnerability in Splunk and Splunk Cloud Platform
In Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform versions below 9.0.2303.100, an attacker can exploit a vulnerability in the {{dump}} SPL command to cause a denial of service by crashing the Splunk daemon.
network
low complexity
splunk CWE-754
6.5
2023-06-01 CVE-2023-32717 Unspecified vulnerability in Splunk and Splunk Cloud Platform
On Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, and in Splunk Cloud Platform versions below 9.0.2303.100, an unauthorized user can access the {{/services/indexing/preview}} REST endpoint to overwrite search results if they know the search ID (SID) of an existing search job.
network
low complexity
splunk
4.3