Vulnerabilities > Splunk > Splunk Cloud Platform

DATE CVE VULNERABILITY TITLE RISK
2024-12-10 CVE-2024-53244 Unspecified vulnerability in Splunk and Splunk Cloud Platform
In Splunk Enterprise versions below 9.3.2, 9.2.4, and 9.1.7 and Splunk Cloud Platform versions below 9.2.2406.107, 9.2.2403.109, and 9.1.2312.206, a low-privileged user that does not hold the “admin“ or “power“ Splunk roles could run a saved search with a risky command using the permissions of a higher-privileged user to bypass the SPL safeguards for risky commands on “/en-US/app/search/report“ endpoint through “s“ parameter.<br>The vulnerability requires the attacker to phish the victim by tricking them into initiating a request within their browser.
network
low complexity
splunk
5.7
2024-12-10 CVE-2024-53245 Unspecified vulnerability in Splunk and Splunk Cloud Platform
In Splunk Enterprise versions below 9.3.0, 9.2.4, and 9.1.7 and Splunk Cloud Platform versions below 9.1.2312.206, a low-privileged user that does not hold the “admin“ or “power“ Splunk roles, that has a username with the same name as a role with read access to dashboards, could see the dashboard name and the dashboard XML by cloning the dashboard.
network
low complexity
splunk
4.3
2024-12-10 CVE-2024-53246 Cleartext Transmission of Sensitive Information vulnerability in Splunk and Splunk Cloud Platform
In Splunk Enterprise versions below 9.3.2, 9.2.4, and 9.1.7 and Splunk Cloud Platform versions below 9.3.2408.101, 9.2.2406.106, 9.2.2403.111, and 9.1.2312.206, an SPL command can potentially disclose sensitive information.
network
low complexity
splunk CWE-319
7.5
2024-10-14 CVE-2024-45732 Missing Authorization vulnerability in Splunk and Splunk Cloud Platform
In Splunk Enterprise versions below 9.3.1, and 9.2.0 versions below 9.2.3, and Splunk Cloud Platform versions below 9.2.2403.103, 9.1.2312.200, 9.1.2312.110 and 9.1.2308.208, a low-privileged user that does not hold the "admin" or "power" Splunk roles could run a search as the "nobody" Splunk user in the SplunkDeploymentServerConfig app.
network
low complexity
splunk CWE-862
6.5
2024-10-14 CVE-2024-45735 Unspecified vulnerability in Splunk and Splunk Cloud Platform
In Splunk Enterprise versions below 9.2.3 and 9.1.6, and Splunk Secure Gateway versions on Splunk Cloud Platform versions below 3.4.259, 3.6.17, and 3.7.0, a low-privileged user that does not hold the "admin" or "power" Splunk roles can see App Key Value Store (KV Store) deployment configuration and public/private keys in the Splunk Secure Gateway App.
network
low complexity
splunk
4.3
2024-10-14 CVE-2024-45736 Unspecified vulnerability in Splunk and Splunk Cloud Platform
In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.107, 9.1.2312.204, and 9.1.2312.111, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a search query with an improperly formatted "INGEST_EVAL" parameter as part of a [Field Transformation](https://docs.splunk.com/Documentation/Splunk/latest/Knowledge/Managefieldtransforms) which could crash the Splunk daemon (splunkd).
network
low complexity
splunk
6.5
2024-10-14 CVE-2024-45737 Cross-Site Request Forgery (CSRF) vulnerability in Splunk and Splunk Cloud Platform
In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.108, and 9.1.2312.204, a low-privileged user that does not hold the "admin" or "power" Splunk roles could change the maintenance mode state of App Key Value Store (KVStore) through a Cross-Site Request Forgery (CSRF).
network
low complexity
splunk CWE-352
3.5
2024-10-14 CVE-2024-45740 Cross-site Scripting vulnerability in Splunk and Splunk Cloud Platform
In Splunk Enterprise versions below 9.2.3 and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a malicious payload through Scheduled Views that could result in execution of unauthorized JavaScript code in the browser of a user.
network
low complexity
splunk CWE-79
5.4
2024-10-14 CVE-2024-45741 Cross-site Scripting vulnerability in Splunk and Splunk Cloud Platform
In Splunk Enterprise versions below 9.2.3 and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.108 and 9.1.2312.205, a low-privileged user that does not hold the "admin" or "power" Splunk roles could create a malicious payload through a custom configuration file that the "api.uri" parameter from the "/manager/search/apps/local" endpoint in Splunk Web calls.
network
low complexity
splunk CWE-79
5.4
2024-07-01 CVE-2024-36983 Command Injection vulnerability in Splunk and Splunk Cloud Platform
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.109 and 9.1.2308.207, an authenticated user could create an external lookup that calls a legacy internal function.
network
low complexity
splunk CWE-77
8.8