CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

Positive Technologies•added 2026/04/15 12:0 a.m.•3 views

PT-2026-33067

Name of the Vulnerable Software and Affected Versions Splunk MCP Server app versions prior to 1.0.3 Description A user with a role that has access to the Splunk internal index or the high-privilege capability mcp tool admin can view user session and authorization tokens in clear text. This issue...

7.2CVSS6AI score0.00056EPSS

Exploits0References4

CNNVD•added 2026/04/15 12:0 a.m.•4 views

Splunk MCP Server 安全漏洞

The Splunk MCP Server is a multi-cloud platform server provided by the American company Splunk. Versions of the Splunk MCP Server app prior to 1.0.3 contained security vulnerabilities. These vulnerabilities stemmed from the storage of plaintext sessions and authorization tokens, which could allow...

7.2CVSS6AI score0.00056EPSS

Exploits0References1

RedhatCVE•added 2025/12/13 5:2 p.m.•1 views

CVE-2025-20381

In Splunk MCP Server app versions below 0.2.4, a user with access to the "runsplunkquery" Model Context Protocol MCP tool could bypass the SPL command allowlist controls in MCP by embedding SPL commands as sub-searches, leading to unauthorized actions beyond the intended MCP restrictions...

5.4CVSS6.9AI score0.00051EPSS

Exploits0References1

Positive Technologies•added 2025/12/03 12:0 a.m.•2 views

PT-2025-48953

In Splunk MCP Server app versions below 0.2.4, a user with access to the "run splunk query" Model Context Protocol MCP tool could bypass the SPL command allowlist controls in MCP by embedding SPL commands as sub-searches, leading to unauthorized actions beyond the intended MCP restrictions...

5.4CVSS7AI score0.00051EPSS

Exploits0References2

Citrix•added 2022/03/27 12:0 a.m.•6 views

Citrix-ADM using localhost IP 127.0.0.1 to send syslog traffic to Splunk server

Citrix-ADM 13.0 76.29 is noted to be using localhost IP to send Syslog traffic instead of ADM IP to external Syslog server. As a result, Citrix ADM is not able to send the Syslog traffic to Splunk server successfully as seen below. A tcpdump on Citrix ADM also shows traffic is generated and sent...

7AI score

Exploits0

Kitploit•added 2019/12/11 8:25 p.m.•226 views

Splunk Attack Range - A Tool That Allows You To Create Vulnerable Instrumented Local Or Cloud Environments To Simulate Attacks Against And Collect The Data Into Splunk

The Attack Range solves two main challenges in development of detections. First, it allows the user to quickly build a small lab infrastructure as close as possible to your production environment. This lab infrastructure contains a Windows Domain Controller, Windows Workstation and Linux server,...

6.7AI score

Exploits0References5

OSV•added 2019/01/15 9:29 p.m.•0 views

CVE-2019-0029

Juniper ATP Series Splunk credentials are logged in a file readable by authenticated local users. Using these credentials an attacker can access the Splunk server. This issue affects Juniper ATP 5.0 versions prior to 5.0.3...

7.8CVSS5.8AI score

Exploits0References1