Lucene search
K

215 matches found

cnnvd
cnnvd
added 2025/10/01 12:0 a.m.5 views

Splunk Enterprise和Splunk Cloud Platform 跨站脚本漏洞

Splunk Cloud Platform and Splunk Enterprise are both products of Splunk Corporation, U.S.A. Splunk Cloud Platform is a powerful data collection, processing, and analytics service.Splunk Enterprise is a suite of data collection and analytics software. A cross-site scripting vulnerability exists in...

5.7CVSS6.2AI score0.00335EPSS
Exploits0References2
cnnvd
cnnvd
added 2025/10/01 12:0 a.m.4 views

Splunk Cloud Platform和Splunk Enterprise 跨站脚本漏洞

Splunk Cloud Platform and Splunk Enterprise are both products of Splunk Corporation, U.S.A. Splunk Cloud Platform is a powerful data collection, processing, and analytics service.Splunk Enterprise is a suite of data collection and analytics software. A cross-site scripting vulnerability exists in...

5.7CVSS6.2AI score0.00335EPSS
Exploits0References2
cnnvd
cnnvd
added 2025/10/01 12:0 a.m.5 views

Splunk Cloud Platform和Splunk Enterprise 访问控制错误漏洞

Splunk Cloud Platform and Splunk Enterprise are both products of Splunk Corporation, U.S.A. Splunk Cloud Platform is a powerful data collection, processing, and analytics service.Splunk Enterprise is a suite of data collection and analytics software. An access control error vulnerability exists i...

6.5CVSS6.3AI score0.0041EPSS
Exploits0References2
redhatcve
redhatcve
added 2025/07/09 6:16 p.m.13 views

CVE-2025-20324

In Splunk Enterprise versions below 9.4.2, 9.3.5, 9.2.7, and 9.1.10 and Splunk Cloud Platform versions below 9.3.2411.104, 9.3.2408.113, and 9.2.2406.119, a low-privileged user that does not hold the "admin" or "power" Splunk roles could create or overwrite system source type configurations by...

5.4CVSS6.4AI score0.00221EPSS
Exploits0References1
ncsc
ncsc
added 2025/07/08 12:3 p.m.5 views

Vulnerabilities fixed in Splunk Enterprise and Splunk Cloud Platform

Splunk has fixed vulnerabilities in Splunk Enterprise and Splunk Cloud Platform. The vulnerabilities in Splunk Enterprise and Splunk Cloud Platform allow both low-privileged and high-privileged users to perform unauthorized actions, such as suppressing alerts, executing remote commands, and causi...

7.3CVSS7.2AI score0.0043EPSS
Exploits0References8
nvd
nvd
added 2025/07/07 6:15 p.m.6 views

CVE-2025-20322

In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10, and Splunk Cloud Platform versions below 9.3.2411.104, 9.3.2408.113, and 9.2.2406.119, an unauthenticated attacker could send a specially-crafted SPL search command that could trigger a rolling restart in the Search Head Cluster...

4.3CVSS0.00186EPSS
Exploits0References1
osv
osv
added 2025/07/07 6:15 p.m.5 views

CVE-2025-20320

In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7 and 9.1.10, and Splunk Cloud Platform versions below 9.3.2411.107, 9.3.2408.117, and 9.2.2406.121, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a malicious payload through the User Interface - View...

7.3CVSS5.9AI score0.00367EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2025/07/07 5:48 p.m.7 views

CVE-2025-20321 Membership State Change in Splunk Search Head Cluster through a Cross-Site Request Forgery (CSRF) in Splunk Enterprise

In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7 and 9.1.10, and Splunk Cloud Platform versions below 9.3.2411.104, 9.3.2408.114, and 9.2.2406.119, an unauthenticated attacker can send a specially-crafted SPL search that could change the membership state in a Splunk Search Head Cluster SHC...

6.5CVSS6.5AI score0.00168EPSS
Exploits0References1
cnnvd
cnnvd
added 2025/07/07 12:0 a.m.4 views

Splunk Cloud Platform和Splunk Enterprise 安全漏洞

Splunk Cloud Platform and Splunk Enterprise are both products of Splunk Corporation, U.S.A. Splunk Cloud Platform is a powerful data collection, processing, and analytics service.Splunk Enterprise is a suite of data collection and analytics software. A security vulnerability exists in Splunk...

7.3CVSS6.3AI score0.00367EPSS
Exploits0References1
cnnvd
cnnvd
added 2025/07/07 12:0 a.m.4 views

Splunk Cloud Platform和Splunk Enterprise 跨站请求伪造漏洞

Splunk Cloud Platform and Splunk Enterprise are both products of Splunk Corporation, U.S.A. Splunk Cloud Platform is a powerful data collection, processing, and analytics service.Splunk Enterprise is a suite of data collection and analytics software. A cross-site request forgery vulnerability...

4.3CVSS6.4AI score0.00186EPSS
Exploits0References1
cnnvd
cnnvd
added 2025/07/07 12:0 a.m.6 views

Splunk Cloud Platform和Splunk Enterprise 安全漏洞

Splunk Cloud Platform and Splunk Enterprise are both products of Splunk Corporation, U.S.A. Splunk Cloud Platform is a powerful data collection, processing, and analytics service.Splunk Enterprise is a suite of data collection and analytics software. A security vulnerability exists in Splunk...

4.3CVSS6.4AI score0.0025EPSS
Exploits0References1
cnnvd
cnnvd
added 2025/07/07 12:0 a.m.5 views

Splunk Cloud Platform和Splunk Enterprise 跨站请求伪造漏洞

Splunk Cloud Platform and Splunk Enterprise are both products of Splunk Corporation, U.S.A. Splunk Cloud Platform is a powerful data collection, processing, and analytics service.Splunk Enterprise is a suite of data collection and analytics software. A cross-site request forgery vulnerability...

6.5CVSS6.4AI score0.00168EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2025/07/07 12:0 a.m.10 views

PT-2025-28229 · Splunk · Splunk Enterprise +1

Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 9.4.2 Splunk Enterprise versions prior to 9.3.5 Splunk Enterprise versions prior to 9.2.6 Splunk Enterprise versions prior to 9.1.9 Splunk Cloud Platform versions prior to 9.3.2411.103 Splunk Cloud Platform...

4.3CVSS6.3AI score0.0025EPSS
Exploits0References6
cnnvd
cnnvd
added 2025/06/02 12:0 a.m.4 views

Splunk Cloud Platform和Splunk Enterprise 跨站脚本漏洞

Splunk Cloud Platform and Splunk Enterprise are both products of Splunk, Inc. of the U.S. Splunk Cloud Platform is a powerful data collection, processing, and analytics service.Splunk Enterprise is a suite of data collection and analytics software. A cross-site scripting vulnerability exists in...

5.4CVSS6.1AI score0.155EPSS
Exploits0References3
redhatcve
redhatcve
added 2025/03/28 10:42 p.m.15 views

CVE-2025-20228

In Splunk Enterprise versions below 9.3.3, 9.2.5, and 9.1.8 and Splunk Cloud Platform versions below 9.2.2403.108, and 9.1.2312.204, a low-privileged user that does not hold the "admin" or "power" Splunk roles could change the maintenance mode state of App Key Value Store KVStore through a...

6.5CVSS7.3AI score0.00218EPSS
Exploits0References3
ncsc
ncsc
added 2025/03/27 9:18 a.m.49 views

Vulnerabilities fixed in Splunk Enterprise and Splunk Cloud Platform

Splunk fixed vulnerabilities in Splunk Enterprise and Splunk Cloud Platform The vulnerabilities allow low-privileged users to abuse higher user privileges, which can lead to unauthorized actions and access to sensitive information. This can occur through phishing attacks and Cross-Site Request...

8.7CVSS6.8AI score0.13987EPSS
Exploits0References8
osv
osv
added 2025/03/26 10:15 p.m.3 views

CVE-2025-20231

In Splunk Enterprise versions below 9.4.1, 9.3.3, 9.2.5, and 9.1.8, and versions below 3.8.38 and 3.7.23 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user that does not hold the “admin“ or “power“ Splunk roles could run a search using the permissions of a...

5.7CVSS5.8AI score0.00479EPSS
Exploits0References1
attackerkb
attackerkb
added 2025/03/26 10:15 p.m.2 views

CVE-2025-20229

In Splunk Enterprise versions below 9.3.3, 9.2.5, and 9.1.8, and Splunk Cloud Platform versions below 9.3.2408.104, 9.2.2406.108, 9.2.2403.114, and 9.1.2312.208, a low-privileged user that does not hold the "admin" or "power" Splunk roles could perform a Remote Code Execution RCE through a file...

8CVSS7.5AI score0.13987EPSS
Exploits0References2Affected Software2
osv
osv
added 2025/03/26 10:15 p.m.2 views

CVE-2025-20229

In Splunk Enterprise versions below 9.3.3, 9.2.5, and 9.1.8, and Splunk Cloud Platform versions below 9.3.2408.104, 9.2.2406.108, 9.2.2403.114, and 9.1.2312.208, a low-privileged user that does not hold the "admin" or "power" Splunk roles could perform a Remote Code Execution RCE through a file...

8CVSS5.9AI score0.13987EPSS
Exploits0References1
osv
osv
added 2025/03/26 10:15 p.m.4 views

CVE-2025-20226

In Splunk Enterprise versions below 9.4.1, 9.3.3, 9.2.5, and 9.1.8 and Splunk Cloud Platform versions below 9.3.2408.107, 9.2.2406.111, and 9.1.2308.214, a low-privileged user that does not hold the "admin" or "power" Splunk roles could run a saved search with a risky command using the permission...

5.7CVSS5.8AI score0.00434EPSS
Exploits0References1
Rows per page
Query Builder