Lucene search
K

248 matches found

Vulnrichment
Vulnrichment
added 2023/02/14 5:22 p.m.8 views

CVE-2023-22935 SPL Command Safeguards Bypass via the ‘display.page.search.patterns.sensitivity’ Search Parameter in Splunk Enterprise

In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘display.page.search.patterns.sensitivity’ search parameter lets a search bypass SPL safeguards for risky commands. The vulnerability requires a higher privileged user to initiate a request within their browser and only affects...

8.1CVSS8.6AI score0.00613EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/02/14 5:22 p.m.22 views

CVE-2023-22935 SPL Command Safeguards Bypass via the ‘display.page.search.patterns.sensitivity’ Search Parameter in Splunk Enterprise

In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘display.page.search.patterns.sensitivity’ search parameter lets a search bypass SPL safeguards for risky commands. The vulnerability requires a higher privileged user to initiate a request within their browser and only affects...

8.1CVSS8.7AI score0.00613EPSS
Exploits0References2
CVE
CVE
added 2023/02/14 5:22 p.m.157 views

CVE-2023-22935

CVE-2023-22935 affects Splunk Enterprise versions prior to 8.1.13, 8.2.10, and 9.0.4. The vulnerability is caused by the display.page.search.patterns.sensitivity parameter which lets a user bypass SPL safeguards for risky commands. It requires a higher-privileged user to initiate a request from t...

8.8CVSS8.3AI score0.00613EPSS
Exploits0References2Affected Software2
Vulnrichment
Vulnrichment
added 2023/02/14 5:22 p.m.17 views

CVE-2023-22934 SPL Command Safeguards Bypass via the ‘pivot’ SPL Command in Splunk Enterprise

In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘pivot’ search processing language SPL command lets a search bypass SPL safeguards for risky commands using a saved search job. The vulnerability requires an authenticated user to craft the saved job and a higher privileged user t...

7.3CVSS7AI score0.01121EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/02/14 5:22 p.m.25 views

CVE-2023-22934 SPL Command Safeguards Bypass via the ‘pivot’ SPL Command in Splunk Enterprise

In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘pivot’ search processing language SPL command lets a search bypass SPL safeguards for risky commands using a saved search job. The vulnerability requires an authenticated user to craft the saved job and a higher privileged user t...

7.3CVSS8.1AI score0.01121EPSS
Exploits1References2
CVE
CVE
added 2023/02/14 5:22 p.m.160 views

CVE-2023-22934

Splunk Enterprise is affected in versions prior to 8.1.13, 8.2.10, and 9.0.4. The vulnerability stems from the pivot SPL command bypassing safeguards for risky commands when used with a saved search job, requiring an authenticated user to craft the saved job and a higher-privileged user to initia...

8CVSS7.5AI score0.01121EPSS
Exploits1References2Affected Software2
Cvelist
Cvelist
added 2023/02/14 5:22 p.m.52 views

CVE-2023-22940 SPL Command Safeguards Bypass via the ‘collect’ SPL Command Aliases in Splunk Enterprise

In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, aliases of the ‘collect’ search processing language SPL command, including ‘summaryindex’, ‘sumindex’, ‘stash’,’ mcollect’, and ‘meventcollect’, were not designated as safeguarded commands. The commands could potentially allow for the...

6.3CVSS6.5AI score0.00429EPSS
Exploits0References2
Openbugbounty
Openbugbounty
added 2022/12/17 12:15 p.m.12 views

spl-granulat.fr Cross Site Scripting vulnerability OBB-3105936

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
NVD
NVD
added 2022/11/04 11:15 p.m.12 views

CVE-2022-43565

In Splunk Enterprise versions below 8.2.9 and 8.1.12, the way that the ‘tstats command handles Javascript Object Notation JSON lets an attacker bypass SPL safeguards for risky commands https://docs.splunk.com/Documentation/SplunkCloud/latest/Security/SPLsafeguards . The vulnerability requires the...

8.8CVSS0.00595EPSS
Exploits0References1
NVD
NVD
added 2022/11/04 11:15 p.m.22 views

CVE-2022-43566

In Splunk Enterprise versions below 8.2.9, 8.1.12, and 9.0.2, an authenticated user can run risky commands using a more privileged user’s permissions to bypass SPL safeguards for risky commands https://docs.splunk.com/Documentation/SplunkCloud/latest/Security/SPLsafeguards in the Analytics...

8CVSS0.00778EPSS
Exploits1References2
NVD
NVD
added 2022/11/04 11:15 p.m.23 views

CVE-2022-43563

In Splunk Enterprise versions below 8.2.9 and 8.1.12, the way that the rex search command handles field names lets an attacker bypass SPL safeguards for risky commands https://docs.splunk.com/Documentation/SplunkCloud/latest/Security/SPLsafeguards . The vulnerability requires the attacker to phis...

8.8CVSS0.00595EPSS
Exploits0References1
Prion
Prion
added 2022/11/04 11:15 p.m.17 views

Design/Logic Flaw

In Splunk Enterprise versions below 8.2.9 and 8.1.12, the way that the ‘tstats command handles Javascript Object Notation JSON lets an attacker bypass SPL safeguards for risky commands https://docs.splunk.com/Documentation/SplunkCloud/latest/Security/SPLsafeguards . The vulnerability requires the...

6.8CVSS8.7AI score0.00595EPSS
Exploits0References1Affected Software2
Prion
Prion
added 2022/11/04 11:15 p.m.33 views

Design/Logic Flaw

In Splunk Enterprise versions below 8.2.9, 8.1.12, and 9.0.2, an authenticated user can run risky commands using a more privileged user’s permissions to bypass SPL safeguards for risky commands https://docs.splunk.com/Documentation/SplunkCloud/latest/Security/SPLsafeguards in the Analytics...

6CVSS7.7AI score0.00778EPSS
Exploits1References2Affected Software2
CVE
CVE
added 2022/11/04 10:20 p.m.73 views

CVE-2022-43565

CVE-2022-43565 (Splunk Enterprise) : Affects Splunk Enterprise versions prior to 8.2.9 and prior to 8.1.12. Root cause: the tstats command’s handling of JSON can bypass SPL safeguards for risky commands, enabling manipulation if a user is phished into initiating a request in their browser. Exploi...

8.8CVSS8.6AI score0.00595EPSS
Exploits0References1Affected Software2
Vulnrichment
Vulnrichment
added 2022/11/04 10:20 p.m.6 views

CVE-2022-43565 Risky command safeguards bypass via ‘tstats command JSON in Splunk Enterprise

In Splunk Enterprise versions below 8.2.9 and 8.1.12, the way that the ‘tstats command handles Javascript Object Notation JSON lets an attacker bypass SPL safeguards for risky commands https://docs.splunk.com/Documentation/SplunkCloud/latest/Security/SPLsafeguards . The vulnerability requires the...

8.1CVSS7.2AI score0.00595EPSS
Exploits0References1
CVE
CVE
added 2022/11/04 10:19 p.m.69 views

CVE-2022-43563

Splunk Enterprise is affected in versions before 8.2.9 and 8.1.12 due to how the rex search command handles field names, which can bypass SPL safeguards for risky commands. The attack requires phishing the victim into initiating a request in their browser; it is not exploitable at will. The issue...

8.8CVSS8.6AI score0.00595EPSS
Exploits0References1Affected Software2
Mageia
Mageia
added 2022/06/18 9:30 p.m.189 views

Updated php packages fix security vulnerability

CLI -Fixed bug 8575 CLI closes standard streams too early. Core -Fixed Haiku ZTS builds. Date -Fixed bug 8471 Segmentation fault when converting immutable and mutable DateTime instances created using reflection. php-fpm - Fixed bug 72185 writes empty fcgi record causing nginx 502. Mysqlnd - Fixed...

8.8CVSS0.5AI score0.5838EPSS
Exploits3References2
OSV
OSV
added 2022/06/18 9:30 p.m.16 views

MGASA-2022-0234 Updated php packages fix security vulnerability

CLI -Fixed bug 8575 CLI closes standard streams too early. Core -Fixed Haiku ZTS builds. Date -Fixed bug 8471 Segmentation fault when converting immutable and mutable DateTime instances created using reflection. php-fpm - Fixed bug 72185 writes empty fcgi record causing nginx 502. Mysqlnd - Fixed...

8.8CVSS8.7AI score0.5838EPSS
Exploits3References3
NVD
NVD
added 2022/06/15 5:15 p.m.23 views

CVE-2022-32154

Dashboards in Splunk Enterprise versions before 9.0 might let an attacker inject risky search commands into a form token when the token is used in a query in a cross-origin request. The result bypasses SPL safeguards for risky commands. See New capabilities can limit access to some custom and...

8.1CVSS0.01271EPSS
Exploits0References6
Prion
Prion
added 2022/06/15 5:15 p.m.18 views

Design/Logic Flaw

Dashboards in Splunk Enterprise versions before 9.0 might let an attacker inject risky search commands into a form token when the token is used in a query in a cross-origin request. The result bypasses SPL safeguards for risky commands. See New capabilities can limit access to some custom and...

4CVSS8AI score0.01271EPSS
Exploits0References6Affected Software2
Rows per page
Query Builder