Splunk

Splunk

160 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2025-20322

  • EPSS 0.03%
  • Veröffentlicht 07.07.2025 17:48:05
  • Zuletzt bearbeitet 21.07.2025 20:54:57

In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10, and Splunk Cloud Platform versions below 9.3.2411.104, 9.3.2408.113, and 9.2.2406.119, an unauthenticated attacker could send a specially-crafted SPL search command that could trigg...

4.3

CVE-2025-20321

  • EPSS 0.03%
  • Veröffentlicht 07.07.2025 17:48:03
  • Zuletzt bearbeitet 21.07.2025 20:57:33

In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7 and 9.1.10, and Splunk Cloud Platform versions below 9.3.2411.104, 9.3.2408.114, and 9.2.2406.119, an unauthenticated attacker can send a specially-crafted SPL search that could change the membe...

4.3

CVE-2025-20323

  • EPSS 0.04%
  • Veröffentlicht 07.07.2025 17:48:03
  • Zuletzt bearbeitet 21.07.2025 20:53:33

In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10, a low-privileged user that does not hold the "admin" or "power" Splunk roles could turn off the scheduled search `Bucket Copy Trigger` within the Splunk Archiver application. This i...

5.3

CVE-2025-20325

  • EPSS 0.05%
  • Veröffentlicht 07.07.2025 17:48:02
  • Zuletzt bearbeitet 01.08.2025 18:36:57

In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10, and Splunk Cloud Platform versions below 9.3.2411.103, 9.3.2408.113, and 9.2.2406.119, the software potentially exposes the search head cluster [splunk.secret](https://help.splunk.c...

6.8

CVE-2025-20319

  • EPSS 0.07%
  • Veröffentlicht 07.07.2025 17:48:01
  • Zuletzt bearbeitet 21.07.2025 20:58:20

In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10, a user who holds a role that contains the high-privilege capability `edit_scripted` and `list_inputs` capability , could perform a remote command execution due to improper user inpu...

5.4

CVE-2025-20324

  • EPSS 0.04%
  • Veröffentlicht 07.07.2025 17:48:00
  • Zuletzt bearbeitet 21.07.2025 20:43:59

In Splunk Enterprise versions below 9.4.2, 9.3.5, 9.2.7, and 9.1.10 and Splunk Cloud Platform versions below 9.3.2411.104, 9.3.2408.113, and 9.2.2406.119, a low-privileged user that does not hold the "admin" or "power" Splunk roles could create or ov...

7.3

CVE-2025-20320

  • EPSS 0.06%
  • Veröffentlicht 07.07.2025 17:47:59
  • Zuletzt bearbeitet 21.07.2025 20:58:05

In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7 and 9.1.10, and Splunk Cloud Platform versions below 9.3.2411.107, 9.3.2408.117, and 9.2.2406.121, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a mali...

4.3

CVE-2025-20300

  • EPSS 0.04%
  • Veröffentlicht 07.07.2025 17:47:58
  • Zuletzt bearbeitet 21.07.2025 20:58:42

In Splunk Enterprise versions below 9.4.2, 9.3.5, 9.2.6, and 9.1.9 and Splunk Cloud Platform versions below 9.3.2411.103, 9.3.2408.112, and 9.2.2406.119, a low-privileged user that does not hold the "admin" or "power" Splunk roles, and has read-only ...

5.4

CVE-2025-20297

  • EPSS 0.09%
  • Veröffentlicht 02.06.2025 17:14:02
  • Zuletzt bearbeitet 01.08.2025 15:44:58

In Splunk Enterprise versions below 9.4.2, 9.3.4 and 9.2.6, and Splunk Cloud Platform versions below 9.3.2411.102, 9.3.2408.111 and 9.2.2406.118, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a malicious pay...

6.5

CVE-2025-20230

Medienbericht
  • EPSS 0.05%
  • Veröffentlicht 26.03.2025 22:24:15
  • Zuletzt bearbeitet 01.08.2025 18:01:55

In Splunk Enterprise versions below 9.4.1, 9.3.3, 9.2.5, and 9.1.8, and versions below 3.8.38 and 3.7.23 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user that does not hold the “admin“ or “power“ Splunk roles could edi...