The vulnerability of the Splunk Enterprise operational analytics platform lies in the improper limitation of a pathname to a restricted directory, allowing a malicious user to write any file into the root directory of the Windows system.
The vulnerability of the Splunk Enterprise operational analytics platform relates to the improper limitation of a pathname to a restricted directory. Exploiting this vulnerability could allow a malicious actor to write any file into the root directory of the Windows system...
The vulnerability in the Splunk Web interface of the Splunk Enterprise operational analytics platform allows a perpetrator to carry out cross-site scripting attacks.
The vulnerability of the Splunk Web interface of the Splunk Enterprise operational analytics platform is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability could allow a malicious actor to perform cross-site scripting attacks...
The vulnerability in the Splunk Web interface of the Splunk Enterprise operational analytics platform allows attackers to perform cross-site scripting (XSS) attacks.
The vulnerability in the Splunk Web interface of the Splunk Enterprise operational analytics platform is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting (XSS) attacks by injecting malicious...
The vulnerability of the mobile device registration and mobile application deployment mechanism of Splunk Secure Gateway, a platform for operational analytics in Splunk Enterprise, relates to deficiencies in access control. This vulnerability allows a malicious actor to delete data from the KV Store (Key Value Store).
The vulnerability of the mobile device registration and mobile application deployment mechanism of Splunk Secure Gateway, a platform for operational analytics in Splunk Enterprise, is related to deficiencies in access control to the KV Store (Key Value Store). Exploiting this vulnerability could...
The vulnerability of the splunkd component of the Splunk Enterprise platform for operational analytics allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the splunkd component of the Splunk Enterprise platform for operational analytics is related to insufficient protection of operational data. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to protected information...
The vulnerability of the SplunkDeploymentServerConfig component of the Splunk Enterprise platform for operational analytics allows a perpetrator to disclose protected information.
The vulnerability of the Splunk Enterprise platform for operational analysis is related to deficiencies in the authentication process. Exploiting this vulnerability could allow an attacker to disclose sensitive information that is protected by the system...
The vulnerability of the Splunk Web platform for operational analysis in Splunk Enterprise allows an attacker to perform a CSRF attack.
The vulnerability of the Splunk Web platform for operational analysis in Splunk Enterprise relates to the manipulation of cross-site requests. Exploiting this vulnerability allows a malicious actor to execute a CSRF attack using a specially created web page...
Vulnerabilities fixed in Splunk Enterprise
Splunk has fixed vulnerabilities in Splunk Enterprise. A malicious party could exploit the vulnerabilities to gain access to sensitive data or to execute arbitrary code in the context of the application. Successful exploitation requires the malicious party to be authenticated first. Splunk has released...
The vulnerability of the Splunk Web platform for operational analysis in Splunk Enterprise allows a perpetrator to execute arbitrary code.
The vulnerability of the Splunk Web platform for operational analysis in Splunk Enterprise is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by writing a file to the Windows system’s root directory...
CVE-2024-45740
In Splunk Enterprise versions below 9.2.3 and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a malicious payload through Scheduled Views that could result in execution of unauthorized JavaScript cod...
CVE-2024-45741
In Splunk Enterprise versions below 9.2.3 and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.108 and 9.1.2312.205, a low-privileged user that does not hold the "admin" or "power" Splunk roles could create a malicious payload through a custom configuration file that the "api.uri" paramete...
CVE-2024-45737
In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.108 and 9.1.2312.204, a low-privileged user that does not hold the "admin" or "power" Splunk roles could change the maintenance mode state of App Key Value Store (KVStore) through a...
CVE-2024-45738
In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes sensitive HTTP parameters to the internal index. This exposure could happen if you configure the Splunk Enterprise RESTCalls log channel at the DEBUG logging level...
CVE-2024-45736
In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.107, 9.1.2312.204, and 9.1.2312.111, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a search query with an improperly formatted "INGESTEVAL"...
CVE-2024-45739
In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes plaintext passwords for local native authentication Splunk users. This exposure could happen when you configure the Splunk Enterprise AdminManager log channel at the DEBUG logging level...
CVE-2024-45735
In Splunk Enterprise versions below 9.2.3 and 9.1.6, and Splunk Secure Gateway versions on Splunk Cloud Platform versions below 3.4.259, 3.6.17, and 3.7.0, a low-privileged user that does not hold the "admin" or "power" Splunk roles can see App Key Value Store (KV Store) deployment configuration an...