Vulnerabilities > Splunk > Splunk > 5.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-23 | CVE-2013-6773 | Improper Privilege Management vulnerability in Splunk Splunk 5.0.3 has an Unquoted Service Path in Windows for Universal Forwarder which can allow an attacker to escalate privileges | 7.8 |
| 2020-01-23 | CVE-2013-6772 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Splunk Splunk before 5.0.4 lacks X-Frame-Options which can allow Clickjacking | 4.3 |
| 2018-06-08 | CVE-2018-11409 | Information Exposure vulnerability in Splunk Splunk through 7.0.1 allows information disclosure by appending __raw/services/server/info/server-info?output_mode=json to a query, as demonstrated by discovering a license key. | 5.3 |