12 matches found
CVE-2026-20240
In Splunk Enterprise versions below 10.2.2, 10.0.5, 9.4.11, and 9.3.12, and Splunk Cloud Platform versions below 10.4.2603.1, 10.3.2512.9, 10.2.2510.11, 10.1.2507.21, 10.0.2503.13, and 9.3.2411.129, a low-privileged user that does not hold the ‘admin’ or ‘power’ Splunk roles could cause a Denial ...
CVE-2026-20240
In Splunk Enterprise versions below 10.2.2, 10.0.5, 9.4.11, and 9.3.12, and Splunk Cloud Platform versions below 10.4.2603.1, 10.3.2512.9, 10.2.2510.11, 10.1.2507.21, 10.0.2503.13, and 9.3.2411.129, a low-privileged user that does not hold the ‘admin’ or ‘power’ Splunk roles could cause a Denial ...
CVE-2026-20240 Denial of Service through coldToFrozen.sh Script in Splunk Enterprise
In Splunk Enterprise versions below 10.2.2, 10.0.5, 9.4.11, and 9.3.12, and Splunk Cloud Platform versions below 10.4.2603.1, 10.3.2512.9, 10.2.2510.11, 10.1.2507.21, 10.0.2503.13, and 9.3.2411.129, a low-privileged user that does not hold the ‘admin’ or ‘power’ Splunk roles could cause a Denial ...
CVE-2026-20240
CVE-2026-20240 affects Splunk Enterprise (versions below 10.2.2, 10.0.5, 9.4.11, 9.3.12) and Splunk Cloud Platform (below 10.4.2603.1, 10.3.2512.9, 10.2.2510.11, 10.1.2507.21, 10.0.2503.13, 9.3.2411.129). A low-privilege user (not admin/power) can trigger a Denial of Service by abusing the coldTo...
CVE-2026-20240
In Splunk Enterprise versions below 10.2.2, 10.0.5, 9.4.11, and 9.3.12, and Splunk Cloud Platform versions below 10.4.2603.1, 10.3.2512.9, 10.2.2510.11, 10.1.2507.21, 10.0.2503.13, and 9.3.2411.129, a low-privileged user that does not hold the ‘admin’ or ‘power’ Splunk roles could cause a Denial ...
CVE-2026-20240 Denial of Service through coldToFrozen.sh Script in Splunk Enterprise
In Splunk Enterprise versions below 10.2.2, 10.0.5, 9.4.11, and 9.3.12, and Splunk Cloud Platform versions below 10.4.2603.1, 10.3.2512.9, 10.2.2510.11, 10.1.2507.21, 10.0.2503.13, and 9.3.2411.129, a low-privileged user that does not hold the ‘admin’ or ‘power’ Splunk roles could cause a Denial ...
EUVD-2026-31138
In Splunk Enterprise versions below 10.2.2, 10.0.5, 9.4.11, and 9.3.12, and Splunk Cloud Platform versions below 10.4.2603.1, 10.3.2512.9, 10.2.2510.11, 10.1.2507.21, 10.0.2503.13, and 9.3.2411.129, a low-privileged user that does not hold the ‘admin’ or ‘power’ Splunk roles could cause a Denial ...
📄 Splunk Enterprise 9.1.5 / 9.2.2 Remote Code Execution
This PHP script is a proof of concept exploit for CVE-2024-36985, an authenticated Remote Code Execution vulnerability affecting Splunk instances where the splunkarchiver app is installed and enabled. It is a conversion of a Metasploit module into PHP...
📄 Splunk Enterprise 9.1.5 / 9.2.2 Remote Code Execution
Proof of concept exploit for a critical authenticated remote code execution vulnerability that affects multiple versions of Splunk Enterprise when the splunkarchiver application is enabled...
CVE-2025-20323
In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10, a low-privileged user that does not hold the "admin" or "power" Splunk roles could turn off the scheduled search Bucket Copy Trigger within the Splunk Archiver application. This is because of missing access controls in the saved...
CVE-2024-36985
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10, a low-privileged user that does not hold the admin or power Splunk roles could cause a Remote Code Execution through an external lookup that references the “splunkarchiver“ application...
PT-2024-27233
Name of the Vulnerable Software and Affected Versions Splunk Enterprise versions prior to 9.2.2 Splunk Enterprise versions prior to 9.1.5 Splunk Enterprise versions prior to 9.0.10 Description A low-privileged user that does not hold the admin or power Splunk roles could cause a Remote Code...