Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cnvdChina National Vulnerability DatabaseCNVD-2022-65928
HistoryJun 24, 2022 - 12:00 a.m.

Splunk Command Injection Vulnerability

2022-06-2400:00:00
China National Vulnerability Database
www.cnvd.org.cn
24
splunk
command injection
data collection

EPSS

0.003

Percentile

67.9%

JSON

Splunk is a suite of data collection and analysis software from Splunk, Inc. The software is primarily used to collect, index, and analyze the data it generates, including data generated by all IT systems and infrastructures (physical, virtual machines, and cloud.) A command injection vulnerability exists in versions prior to Splunk Enterprise 9.0 and versions prior to Splunk cloud platform 8.2.2106. An attacker could exploit this vulnerability to inject a risky search command into a form token.

Related

prion 1
cvelist 1
cve 1
nvd 1
nessus 1
prion
prion
Design/Logic Flaw
2022-06-15 17:15:00
cvelist
cvelist
CVE-2022-32154 Risky commands warnings in Splunk Enterprise Dashboards
2022-06-15 16:48:46
cve
cve
CVE-2022-32154
2022-06-15 17:15:09
nvd
nvd
CVE-2022-32154
2022-06-15 17:15:09
nessus
nessus
Splunk Enterprise < 9.0 Multiple Vulnerabilities
2022-08-11 00:00:00

EPSS

0.003

Percentile

67.9%

JSON
Related for CNVD-2022-65928
prion1cvelist1cve1nvd1nessus1