Splunk

Splunk Cloud Platform

96 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.9

CVE-2025-20370

  • EPSS 0.1%
  • Veröffentlicht 01.10.2025 17:15:40
  • Zuletzt bearbeitet 08.10.2025 20:24:31

In Splunk Enterprise versions below 10.0.1, 9.4.4, 9.3.6, and 9.2.8, and Splunk Cloud Platform versions below 9.3.2411.108, 9.3.2408.118 and 9.2.2406.123, a user who holds a role that contains the high-privilege capability `change_authentication`, co...

6.5

CVE-2025-20369

  • EPSS 0.06%
  • Veröffentlicht 01.10.2025 17:15:40
  • Zuletzt bearbeitet 08.10.2025 20:24:06

In Splunk Enterprise versions below 9.4.4, 9.3.6, and 9.2.8, and Splunk Cloud Platform versions below 9.3.2411.108, 9.3.2408.118 and 9.2.2406.123, a low privilege user that does not hold the "admin" or "power" Splunk roles could perform an extensible...

5.4

CVE-2025-20367

  • EPSS 0.05%
  • Veröffentlicht 01.10.2025 17:15:39
  • Zuletzt bearbeitet 08.10.2025 20:22:49

In Splunk Enterprise versions below 9.4.4, 9.3.6 and 9.2.8, and Splunk Cloud Platform versions below 9.3.2411.109, 9.3.2408.119 and 9.2.2406.122, a low-privileged user that does not hold the 'admin' or 'power' Splunk roles could craft a malicious pay...

6.5

CVE-2025-20366

  • EPSS 0.04%
  • Veröffentlicht 01.10.2025 17:15:39
  • Zuletzt bearbeitet 08.10.2025 20:36:04

In Splunk Enterprise versions below 9.4.4, 9.3.6, and 9.2.8, and Splunk Cloud Platform versions below 9.3.2411.111, 9.3.2408.119, and 9.2.2406.122, a low-privileged user that does not hold the admin or power Splunk roles could access sensitive search...

5.4

CVE-2025-20368

  • EPSS 0.05%
  • Veröffentlicht 01.10.2025 17:15:39
  • Zuletzt bearbeitet 08.10.2025 20:22:57

In Splunk Enterprise versions below 9.4.4, 9.3.6, and 9.2.8, and Splunk Cloud Platform versions below 9.3.2411.108, 9.3.2408.118 and 9.2.2406.123, a low privileged user that does not hold the admin or power Splunk roles could craft a malicious payloa...

4.3

CVE-2025-20322

  • EPSS 0.08%
  • Veröffentlicht 07.07.2025 17:48:05
  • Zuletzt bearbeitet 21.07.2025 20:54:57

In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10, and Splunk Cloud Platform versions below 9.3.2411.104, 9.3.2408.113, and 9.2.2406.119, an unauthenticated attacker could send a specially-crafted SPL search command that could trigg...

4.3

CVE-2025-20321

  • EPSS 0.07%
  • Veröffentlicht 07.07.2025 17:48:03
  • Zuletzt bearbeitet 21.07.2025 20:57:33

In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7 and 9.1.10, and Splunk Cloud Platform versions below 9.3.2411.104, 9.3.2408.114, and 9.2.2406.119, an unauthenticated attacker can send a specially-crafted SPL search that could change the membe...

5.3

CVE-2025-20325

  • EPSS 0.19%
  • Veröffentlicht 07.07.2025 17:48:02
  • Zuletzt bearbeitet 01.08.2025 18:36:57

In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10, and Splunk Cloud Platform versions below 9.3.2411.103, 9.3.2408.113, and 9.2.2406.119, the software potentially exposes the search head cluster [splunk.secret](https://help.splunk.c...

5.4

CVE-2025-20324

  • EPSS 0.17%
  • Veröffentlicht 07.07.2025 17:48:00
  • Zuletzt bearbeitet 21.07.2025 20:43:59

In Splunk Enterprise versions below 9.4.2, 9.3.5, 9.2.7, and 9.1.10 and Splunk Cloud Platform versions below 9.3.2411.104, 9.3.2408.113, and 9.2.2406.119, a low-privileged user that does not hold the "admin" or "power" Splunk roles could create or ov...

7.3

CVE-2025-20320

  • EPSS 0.29%
  • Veröffentlicht 07.07.2025 17:47:59
  • Zuletzt bearbeitet 21.07.2025 20:58:05

In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7 and 9.1.10, and Splunk Cloud Platform versions below 9.3.2411.107, 9.3.2408.117, and 9.2.2406.121, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a mali...