3 matches found
CVE-2026-20164
In Splunk Enterprise versions below 10.2.0, 10.0.3, 9.4.9, and 9.3.10, and Splunk Cloud Platform versions below 10.2.2510.5, 10.1.2507.16, 10.0.2503.11, and 9.3.2411.123, a low-privileged user that does not hold the "admin" or "power" Splunk roles could access the...
CVE-2024-12225
CVE-2024-12225 affects Quarkus, specifically the quarkus-security-webauthn module. The vulnerability arises because default REST endpoints for user registration/login remain accessible when developers add custom endpoints, potentially allowing an attacker to obtain a login cookie with no correspo...
PT-2023-23977 · Splunk · Splunk Cloud Platform +1
Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 9.0.5 Splunk Enterprise versions prior to 8.2.11 Splunk Enterprise versions prior to 8.1.14 Splunk Cloud Platform versions prior to 9.0.2303.100 Description: A low-privileged user with the user role can...