Splunk ≫ Splunk

176 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.

2.7

CVE-2025-20388

EPSS 0.04%
Veröffentlicht 03.12.2025 17:00:59
Zuletzt bearbeitet 05.12.2025 17:11:26

In Splunk Enterprise versions below 10.0.1, 9.4.6, 9.3.8, and 9.2.10, and Splunk Cloud Platform versions below 10.1.2507.4, 10.0.2503.7, and 9.3.2411.116, a user who holds a role that contains the high privilege capability `change_authentication` cou...

6.5

CVE-2025-20389

Medienbericht

EPSS 0.05%
Veröffentlicht 03.12.2025 17:00:55
Zuletzt bearbeitet 05.12.2025 17:05:57

In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and versions below 3.9.10, 3.8.58 and 3.7.28 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user that does not hold the "admin" or "power" Splunk roles...

6.5

CVE-2025-20387

Medienbericht

EPSS 0.03%
Veröffentlicht 03.12.2025 17:00:51
Zuletzt bearbeitet 05.12.2025 17:35:09

In Splunk Universal Forwarder for Windows versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, a new installation of or an upgrade to an affected version can result in incorrect permissions assignment in the Universal Forwarder for Windows Installation d...

4.3

CVE-2025-20383

EPSS 0.03%
Veröffentlicht 03.12.2025 17:00:36
Zuletzt bearbeitet 05.12.2025 18:30:13

In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and below 3.9.10, 3.8.58, and 3.7.28 of Splunk Secure Gateway app in Splunk Cloud Platform, a low-privileged user that does not hold the "admin" or "power" Splunk roles and subscri...

5.3

CVE-2025-20384

Medienbericht

EPSS 0.04%
Veröffentlicht 03.12.2025 17:00:34
Zuletzt bearbeitet 05.12.2025 18:14:07

In Splunk Enterprise versions below 10.0.1, 9.4.6, 9.3.8, and 9.2.10, and Splunk Cloud Platform versions below 10.1.2507.4, 10.0.2503.6, and 9.3.2411.117.125, an unauthenticated attacker can inject American National Standards Institute (ANSI) escape ...

6.5

CVE-2025-20386

Medienbericht

EPSS 0.03%
Veröffentlicht 03.12.2025 17:00:31
Zuletzt bearbeitet 05.12.2025 17:51:41

In Splunk Enterprise for Windows versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, a new installation of or an upgrade to an affected version can result in incorrect permissions assignment in the Splunk Enterprise for Windows Installation directory. T...

4.8

CVE-2025-20385

EPSS 0.04%
Veröffentlicht 03.12.2025 17:00:29
Zuletzt bearbeitet 05.12.2025 18:13:10

In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and Splunk Cloud Platform versions below 10.1.2507.6, 10.0.2503.7, and 9.3.2411.117, a user who holds a role with a high privilege capability `admin_all_objects` could craft a mali...

5.4

CVE-2025-20382

EPSS 0.03%
Veröffentlicht 03.12.2025 17:00:21
Zuletzt bearbeitet 05.12.2025 18:33:45

In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and Splunk Cloud Platform versions below 10.1.2507.10, 10.0.2503.8, and 9.3.2411.120, a low-privileged user that does not hold the "admin" or "power" Splunk roles could create a vi...

3.5

CVE-2025-20379

EPSS 0.02%
Veröffentlicht 12.11.2025 17:23:00
Zuletzt bearbeitet 03.12.2025 21:41:26

In Splunk Enterprise versions below 10.0.1, 9.4.5, 9.3.7, and 9.2.9 and Splunk Cloud Platform versions below 9.3.2411.116, 9.3.2408.124, 10.0.2503.5 and 10.1.2507.1, a low-privileged user that does not hold the “admin“ or “power“ Splunk roles could r...

6.1

CVE-2025-20378

EPSS 0.04%
Veröffentlicht 12.11.2025 17:22:56
Zuletzt bearbeitet 03.12.2025 21:43:31

In Splunk Enterprise versions below 10.0.1, 9.4.5, 9.3.7, 9.2.9, and Splunk Cloud Platform versions below 10.0.2503.5, 9.3.2411.111, and 9.3.2408.121, an unauthenticated attacker could craft a malicious URL using the `return_to` parameter of the Splu...

1234...18>