215 matches found
Splunk Enterprise和Splunk Cloud Platform 跨站脚本漏洞
Splunk Cloud Platform and Splunk Enterprise are both products of Splunk Corporation, U.S.A. Splunk Cloud Platform is a powerful data collection, processing, and analytics service.Splunk Enterprise is a suite of data collection and analytics software. A cross-site scripting vulnerability exists in...
Splunk Cloud Platform和Splunk Enterprise 跨站脚本漏洞
Splunk Cloud Platform and Splunk Enterprise are both products of Splunk Corporation, U.S.A. Splunk Cloud Platform is a powerful data collection, processing, and analytics service.Splunk Enterprise is a suite of data collection and analytics software. A cross-site scripting vulnerability exists in...
Splunk Cloud Platform和Splunk Enterprise 访问控制错误漏洞
Splunk Cloud Platform and Splunk Enterprise are both products of Splunk Corporation, U.S.A. Splunk Cloud Platform is a powerful data collection, processing, and analytics service.Splunk Enterprise is a suite of data collection and analytics software. An access control error vulnerability exists i...
CVE-2025-20324
In Splunk Enterprise versions below 9.4.2, 9.3.5, 9.2.7, and 9.1.10 and Splunk Cloud Platform versions below 9.3.2411.104, 9.3.2408.113, and 9.2.2406.119, a low-privileged user that does not hold the "admin" or "power" Splunk roles could create or overwrite system source type configurations by...
Vulnerabilities fixed in Splunk Enterprise and Splunk Cloud Platform
Splunk has fixed vulnerabilities in Splunk Enterprise and Splunk Cloud Platform. The vulnerabilities in Splunk Enterprise and Splunk Cloud Platform allow both low-privileged and high-privileged users to perform unauthorized actions, such as suppressing alerts, executing remote commands, and causi...
CVE-2025-20322
In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10, and Splunk Cloud Platform versions below 9.3.2411.104, 9.3.2408.113, and 9.2.2406.119, an unauthenticated attacker could send a specially-crafted SPL search command that could trigger a rolling restart in the Search Head Cluster...
CVE-2025-20320
In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7 and 9.1.10, and Splunk Cloud Platform versions below 9.3.2411.107, 9.3.2408.117, and 9.2.2406.121, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a malicious payload through the User Interface - View...
CVE-2025-20321 Membership State Change in Splunk Search Head Cluster through a Cross-Site Request Forgery (CSRF) in Splunk Enterprise
In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7 and 9.1.10, and Splunk Cloud Platform versions below 9.3.2411.104, 9.3.2408.114, and 9.2.2406.119, an unauthenticated attacker can send a specially-crafted SPL search that could change the membership state in a Splunk Search Head Cluster SHC...
Splunk Cloud Platform和Splunk Enterprise 安全漏洞
Splunk Cloud Platform and Splunk Enterprise are both products of Splunk Corporation, U.S.A. Splunk Cloud Platform is a powerful data collection, processing, and analytics service.Splunk Enterprise is a suite of data collection and analytics software. A security vulnerability exists in Splunk...
Splunk Cloud Platform和Splunk Enterprise 跨站请求伪造漏洞
Splunk Cloud Platform and Splunk Enterprise are both products of Splunk Corporation, U.S.A. Splunk Cloud Platform is a powerful data collection, processing, and analytics service.Splunk Enterprise is a suite of data collection and analytics software. A cross-site request forgery vulnerability...
Splunk Cloud Platform和Splunk Enterprise 安全漏洞
Splunk Cloud Platform and Splunk Enterprise are both products of Splunk Corporation, U.S.A. Splunk Cloud Platform is a powerful data collection, processing, and analytics service.Splunk Enterprise is a suite of data collection and analytics software. A security vulnerability exists in Splunk...
Splunk Cloud Platform和Splunk Enterprise 跨站请求伪造漏洞
Splunk Cloud Platform and Splunk Enterprise are both products of Splunk Corporation, U.S.A. Splunk Cloud Platform is a powerful data collection, processing, and analytics service.Splunk Enterprise is a suite of data collection and analytics software. A cross-site request forgery vulnerability...
PT-2025-28229 · Splunk · Splunk Enterprise +1
Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 9.4.2 Splunk Enterprise versions prior to 9.3.5 Splunk Enterprise versions prior to 9.2.6 Splunk Enterprise versions prior to 9.1.9 Splunk Cloud Platform versions prior to 9.3.2411.103 Splunk Cloud Platform...
Splunk Cloud Platform和Splunk Enterprise 跨站脚本漏洞
Splunk Cloud Platform and Splunk Enterprise are both products of Splunk, Inc. of the U.S. Splunk Cloud Platform is a powerful data collection, processing, and analytics service.Splunk Enterprise is a suite of data collection and analytics software. A cross-site scripting vulnerability exists in...
CVE-2025-20228
In Splunk Enterprise versions below 9.3.3, 9.2.5, and 9.1.8 and Splunk Cloud Platform versions below 9.2.2403.108, and 9.1.2312.204, a low-privileged user that does not hold the "admin" or "power" Splunk roles could change the maintenance mode state of App Key Value Store KVStore through a...
Vulnerabilities fixed in Splunk Enterprise and Splunk Cloud Platform
Splunk fixed vulnerabilities in Splunk Enterprise and Splunk Cloud Platform The vulnerabilities allow low-privileged users to abuse higher user privileges, which can lead to unauthorized actions and access to sensitive information. This can occur through phishing attacks and Cross-Site Request...
CVE-2025-20231
In Splunk Enterprise versions below 9.4.1, 9.3.3, 9.2.5, and 9.1.8, and versions below 3.8.38 and 3.7.23 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user that does not hold the “admin“ or “power“ Splunk roles could run a search using the permissions of a...
CVE-2025-20229
In Splunk Enterprise versions below 9.3.3, 9.2.5, and 9.1.8, and Splunk Cloud Platform versions below 9.3.2408.104, 9.2.2406.108, 9.2.2403.114, and 9.1.2312.208, a low-privileged user that does not hold the "admin" or "power" Splunk roles could perform a Remote Code Execution RCE through a file...
CVE-2025-20229
In Splunk Enterprise versions below 9.3.3, 9.2.5, and 9.1.8, and Splunk Cloud Platform versions below 9.3.2408.104, 9.2.2406.108, 9.2.2403.114, and 9.1.2312.208, a low-privileged user that does not hold the "admin" or "power" Splunk roles could perform a Remote Code Execution RCE through a file...
CVE-2025-20226
In Splunk Enterprise versions below 9.4.1, 9.3.3, 9.2.5, and 9.1.8 and Splunk Cloud Platform versions below 9.3.2408.107, 9.2.2406.111, and 9.1.2308.214, a low-privileged user that does not hold the "admin" or "power" Splunk roles could run a saved search with a risky command using the permission...