Splunk

Splunk Cloud Platform

77 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2024-53245

  • EPSS 0.12%
  • Published 10.12.2024 18:15:41
  • Last modified 06.03.2025 19:54:57

In Splunk Enterprise versions below 9.3.0, 9.2.4, and 9.1.7 and Splunk Cloud Platform versions below 9.1.2312.206, a low-privileged user that does not hold the “admin“ or “power“ Splunk roles, that has a username with the same name as a role with rea...

5.4

CVE-2024-45741

  • EPSS 0.18%
  • Published 14.10.2024 17:15:13
  • Last modified 17.10.2024 13:12:54

In Splunk Enterprise versions below 9.2.3 and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.108 and 9.1.2312.205, a low-privileged user that does not hold the "admin" or "power" Splunk roles could create a malicious payload through a custom...

5.4

CVE-2024-45740

  • EPSS 0.1%
  • Published 14.10.2024 17:15:13
  • Last modified 17.10.2024 13:14:20

In Splunk Enterprise versions below 9.2.3 and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a malicious payload through Scheduled Views that could res...

3.5

CVE-2024-45737

  • EPSS 0.02%
  • Published 14.10.2024 17:15:12
  • Last modified 16.10.2024 22:18:17

In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.108, and 9.1.2312.204, a low-privileged user that does not hold the "admin" or "power" Splunk roles could change the maintenance mode state ...

6.5

CVE-2024-45736

  • EPSS 0.08%
  • Published 14.10.2024 17:15:12
  • Last modified 16.10.2024 22:19:44

In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.107, 9.1.2312.204, and 9.1.2312.111, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a search query...

4.3

CVE-2024-45735

  • EPSS 0.03%
  • Published 14.10.2024 17:15:12
  • Last modified 16.10.2024 22:20:32

In Splunk Enterprise versions below 9.2.3 and 9.1.6, and Splunk Secure Gateway versions on Splunk Cloud Platform versions below 3.4.259, 3.6.17, and 3.7.0, a low-privileged user that does not hold the "admin" or "power" Splunk roles can see App Key V...

6.5

CVE-2024-45732

  • EPSS 0.04%
  • Published 14.10.2024 17:15:11
  • Last modified 17.10.2024 13:03:52

In Splunk Enterprise versions below 9.3.1, and 9.2.0 versions below 9.2.3, and Splunk Cloud Platform versions below 9.2.2403.103, 9.1.2312.200, 9.1.2312.110 and 9.1.2308.208, a low-privileged user that does not hold the "admin" or "power" Splunk role...

8.1

CVE-2024-36997

  • EPSS 0.48%
  • Published 01.07.2024 17:15:09
  • Last modified 07.03.2025 16:48:11

In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312, an admin user could store and execute arbitrary JavaScript code in the browser context of another Splunk user through the conf-web/setting...

5.3

CVE-2024-36996

  • EPSS 0.41%
  • Published 01.07.2024 17:15:08
  • Last modified 21.11.2024 09:23:00

In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.109, an attacker could determine whether or not another user exists on the instance by deciphering the error response that they would likel...

3.5

CVE-2024-36995

  • EPSS 0.25%
  • Published 01.07.2024 17:15:08
  • Last modified 21.11.2024 09:22:59

In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.207, a low-privileged user that does not hold the admin or power Splunk roles could create experimental items.