Lucene search
+L

133 matches found

Prion
Prion
added 2023/02/14 6:15 p.m.20 views

Design/Logic Flaw

In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘map’ search processing language SPL command lets a search bypass SPL safeguards for risky commands. The vulnerability requires a higher privileged user to initiate a request within their browser and only affects instances with...

6.8CVSS8.6AI score0.00587EPSS
Exploits0References2Affected Software2
Vulnrichment
Vulnrichment
added 2023/02/14 5:24 p.m.23 views

CVE-2023-22939 SPL Command Safeguards Bypass via the ‘map’ SPL Command in Splunk Enterprise

In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘map’ search processing language SPL command lets a search bypass SPL safeguards for risky commands. The vulnerability requires a higher privileged user to initiate a request within their browser and only affects instances with...

8.1CVSS7.2AI score0.00587EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/02/14 5:24 p.m.32 views

CVE-2023-22939 SPL Command Safeguards Bypass via the ‘map’ SPL Command in Splunk Enterprise

In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘map’ search processing language SPL command lets a search bypass SPL safeguards for risky commands. The vulnerability requires a higher privileged user to initiate a request within their browser and only affects instances with...

8.1CVSS8.8AI score0.00587EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/02/14 5:22 p.m.25 views

CVE-2023-22935 SPL Command Safeguards Bypass via the ‘display.page.search.patterns.sensitivity’ Search Parameter in Splunk Enterprise

In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘display.page.search.patterns.sensitivity’ search parameter lets a search bypass SPL safeguards for risky commands. The vulnerability requires a higher privileged user to initiate a request within their browser and only affects...

8.1CVSS8.7AI score0.00613EPSS
Exploits0References2
CVE
CVE
added 2023/02/14 5:22 p.m.159 views

CVE-2023-22935

CVE-2023-22935 affects Splunk Enterprise versions prior to 8.1.13, 8.2.10, and 9.0.4. The vulnerability is caused by the display.page.search.patterns.sensitivity parameter which lets a user bypass SPL safeguards for risky commands. It requires a higher-privileged user to initiate a request from t...

8.8CVSS8.3AI score0.00613EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2023/02/14 5:22 p.m.55 views

CVE-2023-22940 SPL Command Safeguards Bypass via the ‘collect’ SPL Command Aliases in Splunk Enterprise

In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, aliases of the ‘collect’ search processing language SPL command, including ‘summaryindex’, ‘sumindex’, ‘stash’,’ mcollect’, and ‘meventcollect’, were not designated as safeguarded commands. The commands could potentially allow for the...

6.3CVSS6.5AI score0.00429EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/02/14 12:0 a.m.4 views

PT-2023-18786 · Splunk · Splunk Enterprise

Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 8.1.13 Splunk Enterprise versions prior to 8.2.10 Splunk Enterprise versions prior to 9.0.4 Description: A cross-site request forgery in the Splunk Secure Gateway SSG app in the 'kvstore client' REST endpoi...

5.4CVSS7.1AI score0.00203EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2023/02/14 12:0 a.m.6 views

PT-2023-18784 · Splunk · Splunk Enterprise

Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 8.1.13 Splunk Enterprise versions prior to 8.2.10 Splunk Enterprise versions prior to 9.0.4 Description: The issue concerns aliases of the collect search processing language SPL command, including...

6.3CVSS7.1AI score0.00429EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/02/14 12:0 a.m.12 views

PT-2023-18776 · Splunk · Splunk Enterprise

Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 8.1.13 Splunk Enterprise versions prior to 8.2.10 Splunk Enterprise versions prior to 9.0.4 Description: The issue allows for Cross-Site Scripting XSS in an extensible mark-up language XML View through the...

8CVSS6.2AI score0.0082EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2023/02/14 12:0 a.m.4 views

PT-2023-18778 · Splunk · Splunk Enterprise

Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 8.1.13 Splunk Enterprise versions prior to 8.2.10 Splunk Enterprise versions prior to 9.0.4 Description: The issue allows a search to bypass safeguards for risky commands using the...

8.8CVSS7.4AI score0.00613EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2023/02/14 12:0 a.m.6 views

PT-2023-18775 · Splunk · Splunk Enterprise

Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 9.0.4 Description: The issue allows for Cross-Site Scripting XSS through the error message in a Base64-encoded image in a View. This affects instances with Splunk Web enabled. Recommendations: For versions...

8.7CVSS6.3AI score0.00398EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2022/11/04 12:0 a.m.5 views

PT-2022-26973 · Splunk · Splunk Enterprise

Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 8.1.12 Splunk Enterprise versions prior to 8.2.9 Splunk Enterprise versions prior to 9.0.2 Description: The issue allows an authenticated user to perform an extensible markup language XML external entity XX...

8.8CVSS6.5AI score0.00656EPSS
Exploits0References4
OSV
OSV
added 2022/11/03 11:15 p.m.2 views

CVE-2022-43561

In Splunk Enterprise versions below 8.1.12, 8.2.9, and 9.0.2, a remote user that holds the “power” Splunk role can store arbitrary scripts that can lead to persistent cross-site scripting XSS. The vulnerability affects instances with Splunk Web enabled...

4.8CVSS5.8AI score0.00634EPSS
Exploits1References2
Prion
Prion
added 2022/11/03 11:15 p.m.17 views

Cross site scripting

In Splunk Enterprise versions below 8.1.12, 8.2.9, and 9.0.2, a remote user that holds the “power” Splunk role can store arbitrary scripts that can lead to persistent cross-site scripting XSS. The vulnerability affects instances with Splunk Web enabled...

4.3CVSS5AI score0.00634EPSS
Exploits1References2Affected Software2
Vulnrichment
Vulnrichment
added 2022/11/03 10:6 p.m.7 views

CVE-2022-43561 Persistent Cross-Site Scripting in “Save Table” Dialog in Splunk Enterprise

In Splunk Enterprise versions below 8.1.12, 8.2.9, and 9.0.2, a remote user that holds the “power” Splunk role can store arbitrary scripts that can lead to persistent cross-site scripting XSS. The vulnerability affects instances with Splunk Web enabled...

6.4CVSS6.2AI score0.00634EPSS
Exploits1References2
Cvelist
Cvelist
added 2022/11/03 10:6 p.m.29 views

CVE-2022-43561 Persistent Cross-Site Scripting in “Save Table” Dialog in Splunk Enterprise

In Splunk Enterprise versions below 8.1.12, 8.2.9, and 9.0.2, a remote user that holds the “power” Splunk role can store arbitrary scripts that can lead to persistent cross-site scripting XSS. The vulnerability affects instances with Splunk Web enabled...

6.4CVSS6.3AI score0.00634EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2022/11/03 12:0 a.m.30 views

Splunk Enterprise 8.1 < 8.1.12, 8.2.0 < 8.2.9, 9.0.0 < 9.0.2 (SVD-2022-1101)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2022-1101 advisory. - In Splunk Enterprise versions below 8.1.12, 8.2.9, and 9.0.2, a remote user that holds the power Splunk role can store...

6.4CVSS5.2AI score0.00634EPSS
Exploits1References2
OSV
OSV
added 2022/08/16 9:15 p.m.5 views

CVE-2022-37437

When using Ingest Actions to configure a destination that resides on Amazon Simple Storage Service S3 in Splunk Web, TLS certificate validation is not correctly performed and tested for the destination. The vulnerability only affects connections between Splunk Enterprise and an Ingest Actions...

9.8CVSS5.8AI score0.00382EPSS
Exploits0References1
NVD
NVD
added 2022/08/16 9:15 p.m.24 views

CVE-2022-37437

When using Ingest Actions to configure a destination that resides on Amazon Simple Storage Service S3 in Splunk Web, TLS certificate validation is not correctly performed and tested for the destination. The vulnerability only affects connections between Splunk Enterprise and an Ingest Actions...

9.8CVSS0.00382EPSS
Exploits0References1
OSV
OSV
added 2022/08/16 9:15 p.m.5 views

CVE-2022-37438

In Splunk Enterprise versions in the following table, an authenticated user can craft a dashboard that could potentially leak information for example, username, email, and real name about Splunk users, when visited by another user through the drilldown component. The vulnerability requires user...

3.5CVSS5.8AI score0.00443EPSS
Exploits0References2
Rows per page
Query Builder