Splunk Latest High & Critical Vulnerabilities
Latest High & Critical vulnerabilities published by splunk
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
Low-Privileged User RCE Vulnerability in Splunk Enterprise and Secure Gateway
CVE-2024-53247SplunkSplunk Enterprise8.8HIGHLow-Privileged User Vulnerability in Splunk Enterprise
CVE-2024-45732SplunkSplunk Enterprise7.1HIGHRemote Code Execution (RCE) due to insecure session storage configuration in Splunk Enterprise on Windows
CVE-2024-45733SplunkSplunk Enterprise8.8HIGHPotential Remote Command Execution (RCE) through arbitrary file write to Windows system root directory when Splunk Enterprise for Windows is installed on a separate disk
CVE-2024-45731SplunkSplunk Enterprise8HIGHSplunk Enterprise Crash Vulnerability
CVE-2024-36982SplunkSplunk Enterprise7.5HIGHSplunk Enterprise Path Traversal Vulnerability on Windows
CVE-2024-36991SplunkSplunk Enterpriseπ₯ππ°πΎπ‘EPSS 12%π°7.5HIGHLow-Privileged User Vulnerability in Splunk Enterprise Could Lead to Remote Code Execution
CVE-2024-36985SplunkSplunk Enterprise8.8HIGHSplunk Enterprise Vulnerability Allows Arbitrary Code Execution
CVE-2024-36984SplunkSplunk Enterprise8.8HIGHAuthenticated User Vulnerability in Splunk Enterprise and Splunk Cloud Platform Could Allow Arbitrary Code Execution
CVE-2024-36983SplunkSplunk Enterprise8HIGHSplunk Authentication Token Exposure in Debug Log in Splunk Enterprise
CVE-2024-29945SplunkSplunk Enterpriseπ°7.2HIGHSplunk Enterprise Vulnerability: Risky SPL Commands in Dashboard Examples Hub
CVE-2024-29946SplunkSplunk Enterpriseπ°8.1HIGHSensitive Information Disclosure to Internal Log Files in Splunk Add-on Builder
CVE-2023-46230SplunkSplunk Add-on Builder8.2HIGHSession Token Disclosure to Internal Log Files in Splunk Add-on Builder
CVE-2023-46231SplunkSplunk Add-on Builder8.8HIGHUnsafe Deserialization of Untrusted Data in Splunk Enterprise for Windows
CVE-2024-23678SplunkSplunk Enterpriseπ°7.5HIGHSplunk Enterprise Vulnerability: Remote Code Execution via Malicious XSLT
CVE-2023-46214SplunkSplunk EnterpriseπΎEPSS 17%π°8HIGHUnauthenticated Log Injection in Splunk IT Service Intelligence (ITSI)
CVE-2023-4571SplunkSplunk Itsi8.6HIGHCommand Injection in Splunk Enterprise Using External Lookups
CVE-2023-40598SplunkSplunk Enterprise8.5HIGHAbsolute Path Traversal in Splunk Enterprise Using runshellscript.py
CVE-2023-40597SplunkSplunk Enterprise7.8HIGHReflected Cross-site Scripting (XSS) on "/app/search/table" web endpoint
CVE-2023-40592SplunkSplunk Enterprise8.4HIGHRemote Code Execution via Serialized Session Payload
CVE-2023-40595SplunkSplunk Enterprise8.8HIGHSplunk Enterprise on Windows Privilege Escalation due to Insecure OPENSSLDIR Build Definition Reference in DLL
CVE-2023-40596SplunkSplunk Enterprise7HIGHUnauthenticated Log Injection In Splunk SOAR
CVE-2023-3997SplunkSplunk Soar (on-premises)8.6HIGHDenial Of Service due to Untrusted XML Tag in XML Parser within SAML Authentication
CVE-2023-32706SplunkSplunk Enterprise7.7HIGHβedit_userβ Capability Privilege Escalation
CVE-2023-32707SplunkSplunk EnterpriseπΎπ‘EPSS 88%8.8HIGHPath Traversal in Splunk App for Lookup File Editing
CVE-2023-32714SplunkSplunk App For Lookup ...8.1HIGH