Splunk

Splunk

160 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2024-36982

  • EPSS 0.32%
  • Published 01.07.2024 17:15:06
  • Last modified 21.11.2024 09:22:58

In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.109 and 9.1.2308.207, an attacker could trigger a null pointer reference on the cluster/config REST endpoint, which could result in a crash...

8.8

CVE-2024-36983

  • EPSS 1.04%
  • Published 01.07.2024 17:15:06
  • Last modified 07.03.2025 16:48:11

In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.109 and 9.1.2308.207, an authenticated user could create an external lookup that calls a legacy internal function. The authenticated user c...

8.8

CVE-2024-36984

  • EPSS 2.58%
  • Published 01.07.2024 17:15:06
  • Last modified 07.03.2025 16:48:11

In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 on Windows, an authenticated user could execute a specially crafted query that they could then use to serialize untrusted data. The attacker could use the query to execute arbitrary code.

8.8

CVE-2024-36985

  • EPSS 19.95%
  • Published 01.07.2024 17:15:06
  • Last modified 07.03.2025 16:48:11

In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10, a low-privileged user that does not hold the admin or power Splunk roles could cause a Remote Code Execution through an external lookup that references the “splunk_archiver“ application.

5.7

CVE-2024-36986

  • EPSS 0.27%
  • Published 01.07.2024 17:15:06
  • Last modified 21.11.2024 09:22:58

In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.207, an authenticated user could run risky commands using the permissions of a higher-privileged user to bypass SPL safegu...

7.2

CVE-2024-29945

  • EPSS 0.15%
  • Published 27.03.2024 17:15:54
  • Last modified 21.11.2024 09:08:40

In Splunk Enterprise versions below 9.2.1, 9.1.4, and 9.0.9, the software potentially exposes authentication tokens during the token validation process. This exposure happens when either Splunk Enterprise runs in debug mode or the JsonWebToken compon...

8.1

CVE-2024-29946

  • EPSS 0.41%
  • Published 27.03.2024 17:15:54
  • Last modified 21.11.2024 09:08:40

In Splunk Enterprise versions below 9.2.1, 9.1.4, and 9.0.9, the Dashboard Examples Hub lacks protections for risky SPL commands. This could let attackers bypass SPL safeguards for risky commands in the Hub. The vulnerability would require the attack...

6.5

CVE-2024-23675

  • EPSS 0.09%
  • Published 22.01.2024 21:15:10
  • Last modified 21.11.2024 08:58:08

In Splunk Enterprise versions below 9.0.8 and 9.1.3, Splunk app key value store (KV Store) improperly handles permissions for users that use the REST application programming interface (API). This can potentially result in the deletion of KV Store col...

3.5

CVE-2024-23676

  • EPSS 0.2%
  • Published 22.01.2024 21:15:10
  • Last modified 21.11.2024 08:58:09

In Splunk versions below 9.0.8 and 9.1.3, the “mrollup” SPL command lets a low-privileged user view metrics on an index that they do not have permission to view. This vulnerability requires user interaction from a high-privileged user to exploit.

5.3

CVE-2024-23677

  • EPSS 0.3%
  • Published 22.01.2024 21:15:10
  • Last modified 21.11.2024 08:58:09

In Splunk Enterprise versions below 9.0.8, the Splunk RapidDiag utility discloses server responses from external applications in a log file.