Splunk Security Vulnerabilities and Issues — Splunk CVE List

Lucene search

SplunkSplunk

4 matches found

CVE•added 2010/06/24 12:17 p.m.•46 views

CVE-2010-2429

Cross-site scripting (XSS) vulnerability in Splunk 4.0 through 4.1.2, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer in a "404 Not Found" response.

4.3CVSS5.7AI score0.00277EPSS

CVE•added 2010/06/28 6:30 p.m.•45 views

CVE-2010-2503

Multiple cross-site scripting (XSS) vulnerabilities in Splunk 4.0 through 4.0.10 and 4.1 through 4.1.1 allow remote attackers to inject arbitrary web script or HTML via (1) redirects, aka SPL-31067; (2) unspecified "user->user or user->admin" vectors, aka SPL-31084; or (3) unspecified "user i...

4.3CVSS5.9AI score0.00263EPSS

CVE•added 2010/06/28 6:30 p.m.•40 views

CVE-2010-2502

Multiple directory traversal vulnerabilities in Splunk 4.0 through 4.0.10 and 4.1 through 4.1.1 allow (1) remote attackers to read arbitrary files, aka SPL-31194; (2) remote authenticated users to modify arbitrary files, aka SPL-31063; or (3) have an unknown impact via redirects, aka SPL-31067.

7.5CVSS6.8AI score0.00255EPSS

CVE•added 2010/06/28 6:30 p.m.•36 views

CVE-2010-2504

Splunk 4.0 through 4.0.10 and 4.1 through 4.1.1 allows remote authenticated users to obtain sensitive information via HTTP header injection, aka SPL-31066.

6CVSS6AI score0.00366EPSS