Vulnerabilities > Splunk > Splunk Cloud Platform > High

DATE CVE VULNERABILITY TITLE RISK
2023-02-14 CVE-2023-22941 Unspecified vulnerability in Splunk and Splunk Cloud Platform
In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, an improperly-formatted ‘INGEST_EVAL’ parameter in a Field Transformation crashes the Splunk daemon (splunkd).
network
low complexity
splunk
7.5
2022-11-04 CVE-2022-43563 Unspecified vulnerability in Splunk and Splunk Cloud Platform
In Splunk Enterprise versions below 8.2.9 and 8.1.12, the way that the rex search command handles field names lets an attacker bypass SPL safeguards for risky commands https://docs.splunk.com/Documentation/SplunkCloud/latest/Security/SPLsafeguards .
network
low complexity
splunk
8.8
2022-11-04 CVE-2022-43565 Unspecified vulnerability in Splunk and Splunk Cloud Platform
In Splunk Enterprise versions below 8.2.9 and 8.1.12, the way that the ‘tstats command handles Javascript Object Notation (JSON) lets an attacker bypass SPL safeguards for risky commands https://docs.splunk.com/Documentation/SplunkCloud/latest/Security/SPLsafeguards .
network
low complexity
splunk
8.8
2022-11-04 CVE-2022-43566 Improper Input Validation vulnerability in Splunk and Splunk Cloud Platform
In Splunk Enterprise versions below 8.2.9, 8.1.12, and 9.0.2, an authenticated user can run risky commands using a more privileged user’s permissions to bypass SPL safeguards for risky commands https://docs.splunk.com/Documentation/SplunkCloud/latest/Security/SPLsafeguards  in the Analytics Workspace.
network
low complexity
splunk CWE-20
8.0
2022-11-04 CVE-2022-43567 Deserialization of Untrusted Data vulnerability in Splunk and Splunk Cloud Platform
In Splunk Enterprise versions below 8.2.9, 8.1.12, and 9.0.2, an authenticated user can run arbitrary operating system commands remotely through the use of specially crafted requests to the mobile alerts feature in the Splunk Secure Gateway app.
network
low complexity
splunk CWE-502
8.8
2022-11-03 CVE-2022-43571 Code Injection vulnerability in Splunk and Splunk Cloud Platform
In Splunk Enterprise versions below 8.2.9, 8.1.12, and 9.0.2, an authenticated user can execute arbitrary code through the dashboard PDF generation component.
network
low complexity
splunk CWE-94
8.8
2022-06-15 CVE-2022-32152 Improper Certificate Validation vulnerability in Splunk
Splunk Enterprise peers in Splunk Enterprise versions before 9.0 and Splunk Cloud Platform versions before 8.2.2203 did not validate the TLS certificates during Splunk-to-Splunk communications by default.
network
low complexity
splunk CWE-295
7.2
2022-06-15 CVE-2022-32153 Improper Certificate Validation vulnerability in Splunk
Splunk Enterprise peers in Splunk Enterprise versions before 9.0 and Splunk Cloud Platform versions before 8.2.2203 did not validate the TLS certificates during Splunk-to-Splunk communications by default.
network
high complexity
splunk CWE-295
8.1
2022-06-15 CVE-2022-32154 Command Injection vulnerability in Splunk
Dashboards in Splunk Enterprise versions before 9.0 might let an attacker inject risky search commands into a form token when the token is used in a query in a cross-origin request.
network
low complexity
splunk CWE-77
8.1
2022-06-15 CVE-2022-32155 Incorrect Permission Assignment for Critical Resource vulnerability in Splunk
In universal forwarder versions before 9.0, management services are available remotely by default.
network
low complexity
splunk CWE-732
7.5