133 matches found
The vulnerability of the Analytics Workspace web interface module in the Splunk Web platform for operational analysis in Splunk Enterprise allows a hacker to bypass security restrictions and execute arbitrary commands.
The vulnerability of the Analytics Workspace web interface in the Splunk Web platform for operational analysis in Splunk Enterprise is related to insufficient protection of sensitive data. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and execute arbitrary...
The vulnerability in the Splunk Web interface of the Splunk Enterprise operating analysis platform allows a perpetrator to carry out cross-site scripting attacks.
The vulnerability of the Splunk Web interface of the Splunk Enterprise operating analysis platform is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability could allow a malicious actor to perform cross-site scripting attacks remotely...
The vulnerability of the Splunk Web platform for operational analysis in Splunk Enterprise allows a hacker to read arbitrary files.
The vulnerability of the Splunk Web platform for operational analysis in Splunk Enterprise relates to an incorrect restriction on the path to the restricted-access directory. Exploiting this vulnerability could allow a malicious actor to read arbitrary files remotely...
Exploit for Path Traversal in Splunk
CVE-2024-36991 POC for CVE-2024-36991: This exploit will attem...
CVE-2024-36993
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.207, a low-privileged user that does not hold the admin or power Splunk roles could craft a malicious payload through a Splunk Web Bulletin Messages that could result in...
CVE-2024-36993 Persistent Cross-site Scripting (XSS) in Web Bulletin
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.207, a low-privileged user that does not hold the admin or power Splunk roles could craft a malicious payload through a Splunk Web Bulletin Messages that could result in...
PT-2024-27235 · Splunk · Splunk Cloud Platform +1
Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 9.2.2 Splunk Enterprise versions prior to 9.1.5 Splunk Enterprise versions prior to 9.0.10 Splunk Cloud Platform versions prior to 9.1.2312.200 Splunk Cloud Platform versions prior to 9.1.2308.207...
PT-2024-4753 · Splunk · Splunk Cloud Platform +1
Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 9.2.2 Splunk Enterprise versions prior to 9.1.5 Splunk Enterprise versions prior to 9.0.10 Splunk Cloud Platform versions prior to 9.1.2312.200 Description: The issue is related to the Upload Data module in...
PT-2024-4750 · Splunk · Splunk Cloud Platform +1
Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 9.2.2 Splunk Enterprise versions prior to 9.1.5 Splunk Enterprise versions prior to 9.0.10 Splunk Cloud Platform versions prior to 9.1.2312.200 Splunk Cloud Platform versions prior to 9.1.2308.207...
The vulnerability in the Splunk Web interface of the Splunk Enterprise operating analysis platform allows a malicious actor to read and write arbitrary files into the system.
The vulnerability of the Splunk Enterprise platform for operational analysis is related to an incorrect restriction on the path name to the restricted directory. Exploiting this vulnerability allows a malicious actor to read and write arbitrary files into the system using a specially created HTTP...
The vulnerability in the Splunk Web interface of the Splunk Enterprise operating analysis platform allows a perpetrator to execute arbitrary code.
The vulnerability of the Splunk Web platform for operational analysis in Splunk Enterprise is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending a specially crafted request...
The vulnerability in the Splunk Web interface of the Splunk Enterprise operating system’s operational analysis platform allows a perpetrator to execute arbitrary code and gain increased privileges.
The vulnerability in the Splunk Web interface of the Splunk Enterprise operating system’s operational analysis platform is related to an incorrect initialization of resources when processing the OPENSSLDIR value. Exploiting this vulnerability allows an attacker to execute arbitrary code and gain...
The vulnerability in the Splunk Web interface of the Splunk Enterprise operating analysis platform allows a perpetrator to carry out cross-site scripting attacks.
The vulnerability in the Splunk Web interface of the Splunk Enterprise operational analytics platform is related to the lack of protection for the web page structure during the processing of the final endpoint /app/search/table. Exploiting this vulnerability allows a malicious actor to perform...
PT-2023-4797 · Splunk · Splunk Enterprise
Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 8.2.12 Splunk Enterprise versions prior to 9.0.6 Splunk Enterprise versions prior to 9.1.1 Description: The issue is related to a deserialization mechanism flaw in the Splunk Web interface of Splunk...
Splunk Enterprise 8.1 < 8.1.13, 8.2.0 < 8.2.10, 9.0.0 < 9.0.4 (SVD-2023-0210)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2023-0210 advisory. - In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, aliases of the collect' search processing language SPL command...
Splunk Enterprise 8.1 < 8.1.13, 8.2.0 < 8.2.10, 9.0.0 < 9.0.4 (SVD-2023-0205)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2023-0205 advisory. - In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the display.page.search.patterns.sensitivity' search parameter...
CVE-2023-22940
In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, aliases of the ‘collect’ search processing language SPL command, including ‘summaryindex’, ‘sumindex’, ‘stash’,’ mcollect’, and ‘meventcollect’, were not designated as safeguarded commands. The commands could potentially allow for the...
CVE-2023-22932
In Splunk Enterprise 9.0 versions before 9.0.4, a View allows for Cross-Site Scripting XSS through the error message in a Base64-encoded image. The vulnerability affects instances with Splunk Web enabled. It does not affect Splunk Enterprise versions below 9.0...
CVE-2023-22935
In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘display.page.search.patterns.sensitivity’ search parameter lets a search bypass SPL safeguards for risky commands. The vulnerability requires a higher privileged user to initiate a request within their browser and only affects...
Design/Logic Flaw
In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘map’ search processing language SPL command lets a search bypass SPL safeguards for risky commands. The vulnerability requires a higher privileged user to initiate a request within their browser and only affects instances with...