Vulnerabilities > Splunk > Splunk Cloud Platform
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-06-15 | CVE-2022-32154 | Command Injection vulnerability in Splunk Dashboards in Splunk Enterprise versions before 9.0 might let an attacker inject risky search commands into a form token when the token is used in a query in a cross-origin request. | 4.0 |
2022-06-15 | CVE-2022-32155 | Incorrect Permission Assignment for Critical Resource vulnerability in Splunk In universal forwarder versions before 9.0, management services are available remotely by default. | 5.0 |