Vulnerabilities > Splunk > Splunk Cloud Platform > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-02-14 CVE-2023-22937 Unrestricted Upload of File with Dangerous Type vulnerability in Splunk and Splunk Cloud Platform
In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the lookup table upload feature let a user upload lookup tables with unnecessary filename extensions.
network
low complexity
splunk CWE-434
4.3
2023-02-14 CVE-2023-22938 Unspecified vulnerability in Splunk and Splunk Cloud Platform
In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘sendemail’ REST API endpoint lets any authenticated user send an email as the Splunk instance.
network
low complexity
splunk
4.3
2023-02-14 CVE-2023-22940 Unspecified vulnerability in Splunk and Splunk Cloud Platform
In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, aliases of the ‘collect’ search processing language (SPL) command, including ‘summaryindex’, ‘sumindex’, ‘stash’,’ mcollect’, and ‘meventcollect’, were not designated as safeguarded commands.
network
low complexity
splunk
5.7
2022-11-04 CVE-2022-43562 Injection vulnerability in Splunk and Splunk Cloud Platform
In Splunk Enterprise versions below 8.1.12, 8.2.9, and 9.0.2, Splunk Enterprise fails to properly validate and escape the Host header, which could let a remote authenticated user conduct various attacks against the system, including cross-site scripting and cache poisoning.
network
low complexity
splunk CWE-74
5.4
2022-11-04 CVE-2022-43564 Resource Exhaustion vulnerability in Splunk and Splunk Cloud Platform
In Splunk Enterprise versions below 8.1.12, 8.2.9, and 9.0.2, a remote user who can create search macros and schedule search reports can cause a denial of service through the use of specially crafted search macros.
network
low complexity
splunk CWE-400
6.5
2022-11-04 CVE-2022-43568 Cross-site Scripting vulnerability in Splunk and Splunk Cloud Platform
In Splunk Enterprise versions below 8.1.12, 8.2.9, and 9.0.2, a View allows for a Reflected Cross Site Scripting via JavaScript Object Notation (JSON) in a query parameter when output_mode=radio.
network
low complexity
splunk CWE-79
6.1
2022-11-04 CVE-2022-43569 Cross-site Scripting vulnerability in Splunk and Splunk Cloud Platform
In Splunk Enterprise versions below 8.1.12, 8.2.9, and 9.0.2, an authenticated user can inject and store arbitrary scripts that can lead to persistent cross-site scripting (XSS) in the object name of a Data Model.
network
low complexity
splunk CWE-79
5.4
2022-11-04 CVE-2022-43570 XXE vulnerability in Splunk and Splunk Cloud Platform
In Splunk Enterprise versions below 8.1.12, 8.2.9, and 9.0.2, an authenticated user can perform an extensible markup language (XML) external entity (XXE) injection via a custom View.
network
low complexity
splunk CWE-611
6.5
2022-11-04 CVE-2022-43572 Code Injection vulnerability in Splunk and Splunk Cloud Platform
In Splunk Enterprise versions below 8.2.9, 8.1.12, and 9.0.2, sending a malformed file through the Splunk-to-Splunk (S2S) or HTTP Event Collector (HEC) protocols to an indexer results in a blockage or denial-of-service preventing further indexing.
network
low complexity
splunk CWE-94
6.5
2022-11-03 CVE-2022-43561 Cross-site Scripting vulnerability in Splunk and Splunk Cloud Platform
In Splunk Enterprise versions below 8.1.12, 8.2.9, and 9.0.2, a remote user that holds the “power” Splunk role can store arbitrary scripts that can lead to persistent cross-site scripting (XSS).
network
low complexity
splunk CWE-79
4.8