Splunk

Splunk Cloud Platform

85 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
2.7

CVE-2025-20388

  • EPSS 0.04%
  • Veröffentlicht 03.12.2025 17:00:59
  • Zuletzt bearbeitet 05.12.2025 17:11:26

In Splunk Enterprise versions below 10.0.1, 9.4.6, 9.3.8, and 9.2.10, and Splunk Cloud Platform versions below 10.1.2507.4, 10.0.2503.7, and 9.3.2411.116, a user who holds a role that contains the high privilege capability `change_authentication` cou...

6.5

CVE-2025-20389

Medienbericht
  • EPSS 0.05%
  • Veröffentlicht 03.12.2025 17:00:55
  • Zuletzt bearbeitet 05.12.2025 17:05:57

In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and versions below 3.9.10, 3.8.58 and 3.7.28 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user that does not hold the "admin" or "power" Splunk roles...

4.3

CVE-2025-20383

  • EPSS 0.03%
  • Veröffentlicht 03.12.2025 17:00:36
  • Zuletzt bearbeitet 05.12.2025 18:30:13

In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and below 3.9.10, 3.8.58, and 3.7.28 of Splunk Secure Gateway app in Splunk Cloud Platform, a low-privileged user that does not hold the "admin" or "power" Splunk roles and subscri...

5.3

CVE-2025-20384

Medienbericht
  • EPSS 0.04%
  • Veröffentlicht 03.12.2025 17:00:34
  • Zuletzt bearbeitet 05.12.2025 18:14:07

In Splunk Enterprise versions below 10.0.1, 9.4.6, 9.3.8, and 9.2.10, and Splunk Cloud Platform versions below 10.1.2507.4, 10.0.2503.6, and 9.3.2411.117.125, an unauthenticated attacker can inject American National Standards Institute (ANSI) escape ...

4.8

CVE-2025-20385

  • EPSS 0.04%
  • Veröffentlicht 03.12.2025 17:00:29
  • Zuletzt bearbeitet 05.12.2025 18:13:10

In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and Splunk Cloud Platform versions below 10.1.2507.6, 10.0.2503.7, and 9.3.2411.117, a user who holds a role with a high privilege capability `admin_all_objects` could craft a mali...

5.4

CVE-2025-20382

  • EPSS 0.03%
  • Veröffentlicht 03.12.2025 17:00:21
  • Zuletzt bearbeitet 05.12.2025 18:33:45

In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and Splunk Cloud Platform versions below 10.1.2507.10, 10.0.2503.8, and 9.3.2411.120, a low-privileged user that does not hold the "admin" or "power" Splunk roles could create a vi...

3.5

CVE-2025-20379

  • EPSS 0.02%
  • Veröffentlicht 12.11.2025 17:23:00
  • Zuletzt bearbeitet 03.12.2025 21:41:26

In Splunk Enterprise versions below 10.0.1, 9.4.5, 9.3.7, and 9.2.9 and Splunk Cloud Platform versions below 9.3.2411.116, 9.3.2408.124, 10.0.2503.5 and 10.1.2507.1, a low-privileged user that does not hold the “admin“ or “power“ Splunk roles could r...

6.1

CVE-2025-20378

  • EPSS 0.04%
  • Veröffentlicht 12.11.2025 17:22:56
  • Zuletzt bearbeitet 03.12.2025 21:43:31

In Splunk Enterprise versions below 10.0.1, 9.4.5, 9.3.7, 9.2.9, and Splunk Cloud Platform versions below 10.0.2503.5, 9.3.2411.111, and 9.3.2408.121, an unauthenticated attacker could craft a malicious URL using the `return_to` parameter of the Splu...

4.9

CVE-2025-20370

  • EPSS 0.1%
  • Veröffentlicht 01.10.2025 17:15:40
  • Zuletzt bearbeitet 08.10.2025 20:24:31

In Splunk Enterprise versions below 10.0.1, 9.4.4, 9.3.6, and 9.2.8, and Splunk Cloud Platform versions below 9.3.2411.108, 9.3.2408.118 and 9.2.2406.123, a user who holds a role that contains the high-privilege capability `change_authentication`, co...

6.5

CVE-2025-20369

  • EPSS 0.04%
  • Veröffentlicht 01.10.2025 17:15:40
  • Zuletzt bearbeitet 08.10.2025 20:24:06

In Splunk Enterprise versions below 9.4.4, 9.3.6, and 9.2.8, and Splunk Cloud Platform versions below 9.3.2411.108, 9.3.2408.118 and 9.2.2406.123, a low privilege user that does not hold the "admin" or "power" Splunk roles could perform an extensible...