Splunk News Articles
Recent news articles refferecing the vendors vulnerabilities.
Week in review: CrowdStrike update causes widespread IT outage, critical Splunk Enterprise flaw - Help Net Security
Hereโs an overview of some of last weekโs most interesting news, articles, interviews and videos: Faulty CrowdStrike update takes out Windows machines
7 months ago
Help Net SecurityCVE-2024-36991Critical Splunk flaw can be exploited to grab passwords (CVE-2024-36991) - Help Net Security
A recently fixed vulnerability (CVE-2024-36991) affecting Splunk Enterprise on Windows "is more severe than it initially appeared."
7 months ago
CybersecurityNewsCVE-2024-36991PoC Exploit Released For Splunk Enterprise Local File Inclusion Vulnerability
A proof-of-concept (PoC) exploit has been released for a critical local file inclusion vulnerability in Splunk Enterprise, identified as CVE-2024-36991. This vulnerability affects Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10, specifically on Windows systems. The vulnerability arises fro...
7 months ago
SploitusCVE-2024-36991๐ Exploit for CVE-2024-36991
Exploit for CVE-2024-36991 | Sploitus | Exploit & Hacktool Search Engine
7 months ago
SploitusCVE-2024-36991๐ Exploit for CVE-2024-36991
Exploit for CVE-2024-36991 | Sploitus | Exploit & Hacktool Search Engine
7 months ago
Pentest-Tools.comCVE-2024-36991Splunk Enterprise - Local File Inclusion (CVE-2024-36991)
In Splunk Enterprise on Windows versions below 9.2.2, 9.1.5, and 9.0.10, an attacker could perform a path traversal on the /modules/messaging/ endpoint in Splunk Enterprise on Windows.
7 months ago
Cyware LabsCVE-2023-46214PoC for Splunk Enterprise RCE flaw released (CVE-2023-46214)
A proof-of-concept exploit for a high-severity vulnerability in Splunk Enterprise has been made public. The flaw, identified as CVE-2023-46214, allows attackers to execute remote code by uploading malicious extensible stylesheet language transformations (XSLT). The affected versions include Splunk E...
9 months ago
Multiple Splunk Vulnerabilities Attackers Bypass SPL Safeguards : Patch Now
Splunk Inc. has disclosed two significant vulnerabilities within its software suite, posing a considerable risk to organizations utilizing Splunk Enterprise and Splunk Cloud Platform.
10 months ago
TheCyberThroneCVE-2024-23678Splunk Patches CVE-2024-23678 Deserialization bug
Splunk has addressed multiple vulnerabilities in Splunk Enterprise that includes a high-severity deserialization flaw. The vulnerability tracked as CVE-2024-23678 with CVSS score 7.5, impacting the Windows version. The advisory stats that Splunk Enterprise for Windows versions below 9.0.8 and 9.1.3 ...
1 year ago
Week in review: PoC for Splunk Enterprise RCE flaw released, scope of Okta breach widens - Help Net Security
Hereโs an overview of some of last weekโs most interesting news, articles, interviews and videos: Vulnerability disclosure: Legal risks and ethical
1 year ago
UptycsCVE-2023-46214CVE-2023-46214: the Splunk Remote Code Execution (RCE) Vulnerability
Take a deep dive into the critical CVE-2023-46214 RCE vulnerability in Splunk, learn about its exploitation & find out how to stay secure.
1 year ago
Help Net SecurityCVE-2023-46214PoC for Splunk Enterprise RCE flaw released (CVE-2023-46214) - Help Net Security
A proof-of-concept (PoC) exploit for a flaw in Splunk Enterprise (CVE-2023-46214) that can lead to remote code execution is public.
1 year ago
Analysis of CVE-2023-46214 + PoC
CVE-2023-46214 is a Remote Code Execution (RCE) vulnerability found in Splunk Enterprise which was disclosed on November 16, 2023 in the Splunk security advisory SVD-2023-1104. The description of the vulnerability essentially states that Splunk Enterprise versions below 9.0.7 and 9.1.2 are not safel...
1 year ago