Splunk

Splunk

184 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.7

CVE-2024-53244

  • EPSS 0.13%
  • Veröffentlicht 10.12.2024 18:15:41
  • Zuletzt bearbeitet 06.03.2025 19:54:57

In Splunk Enterprise versions below 9.3.2, 9.2.4, and 9.1.7 and Splunk Cloud Platform versions below 9.2.2406.107, 9.2.2403.109, and 9.1.2312.206, a low-privileged user that does not hold the “admin“ or “power“ Splunk roles could run a saved search w...

4.3

CVE-2024-53245

  • EPSS 0.29%
  • Veröffentlicht 10.12.2024 18:15:41
  • Zuletzt bearbeitet 06.03.2025 19:54:57

In Splunk Enterprise versions below 9.3.0, 9.2.4, and 9.1.7 and Splunk Cloud Platform versions below 9.1.2312.206, a low-privileged user that does not hold the “admin“ or “power“ Splunk roles, that has a username with the same name as a role with rea...

7.5

CVE-2024-53246

  • EPSS 0.05%
  • Veröffentlicht 10.12.2024 18:15:41
  • Zuletzt bearbeitet 10.03.2025 16:41:47

In Splunk Enterprise versions below 9.3.2, 9.2.4, and 9.1.7 and Splunk Cloud Platform versions below 9.3.2408.101, 9.2.2406.106, 9.2.2403.111, and 9.1.2312.206, an SPL command can potentially disclose sensitive information. The vulnerability requires...

5.4

CVE-2024-45740

  • EPSS 0.79%
  • Veröffentlicht 14.10.2024 17:15:13
  • Zuletzt bearbeitet 17.10.2024 13:14:20

In Splunk Enterprise versions below 9.2.3 and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a malicious payload through Scheduled Views that could res...

5.4

CVE-2024-45741

  • EPSS 3.44%
  • Veröffentlicht 14.10.2024 17:15:13
  • Zuletzt bearbeitet 17.10.2024 13:12:54

In Splunk Enterprise versions below 9.2.3 and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.108 and 9.1.2312.205, a low-privileged user that does not hold the "admin" or "power" Splunk roles could create a malicious payload through a custom...

4.3

CVE-2024-45735

  • EPSS 0.1%
  • Veröffentlicht 14.10.2024 17:15:12
  • Zuletzt bearbeitet 16.10.2024 22:20:32

In Splunk Enterprise versions below 9.2.3 and 9.1.6, and Splunk Secure Gateway versions on Splunk Cloud Platform versions below 3.4.259, 3.6.17, and 3.7.0, a low-privileged user that does not hold the "admin" or "power" Splunk roles can see App Key V...

6.5

CVE-2024-45736

  • EPSS 0.19%
  • Veröffentlicht 14.10.2024 17:15:12
  • Zuletzt bearbeitet 16.10.2024 22:19:44

In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.107, 9.1.2312.204, and 9.1.2312.111, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a search query...

3.5

CVE-2024-45737

  • EPSS 0.03%
  • Veröffentlicht 14.10.2024 17:15:12
  • Zuletzt bearbeitet 16.10.2024 22:18:17

In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.108, and 9.1.2312.204, a low-privileged user that does not hold the "admin" or "power" Splunk roles could change the maintenance mode state ...

4.9

CVE-2024-45738

  • EPSS 0.1%
  • Veröffentlicht 14.10.2024 17:15:12
  • Zuletzt bearbeitet 17.10.2024 13:17:37

In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes sensitive HTTP parameters to the `_internal` index. This exposure could happen if you configure the Splunk Enterprise `REST_Calls` log channel at the DEBUG ...

4.9

CVE-2024-45739

  • EPSS 0.1%
  • Veröffentlicht 14.10.2024 17:15:12
  • Zuletzt bearbeitet 17.10.2024 13:16:36

In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes plaintext passwords for local native authentication Splunk users. This exposure could happen when you configure the Splunk Enterprise AdminManager log chann...