10 matches found

CVE
added 2023/06/01 5:15 p.m. | 231 views

CVE-2023-32707

In versions of Splunk Enterprise below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform below version 9.0.2303.100, a low-privileged user who holds a role that has the ‘edit_user’ capability assigned to it can escalate their privileges to that of the admin user by providing specially crafted we...

CVSS 8.8 | AI score 8.6 | EPSS 0.82474
CVE
added 2023/06/01 5:15 p.m. | 170 views

CVE-2023-32708

In Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform versions below 9.0.2303.100, a low-privileged user can trigger an HTTP response splitting vulnerability with the ‘rest’ SPL command that lets them potentially access other REST endpoints in the system arbitrari...

CVSS 8.8 | AI score 7.9 | EPSS 0.00157
CVE
added 2023/06/01 5:15 p.m. | 161 views

CVE-2023-32712

In Splunk Enterprise versions below 9.1.0.2, 9.0.5.1, and 8.2.11.2, an attacker can inject American National Standards Institute (ANSI) escape codes into Splunk log files that, when a vulnerable terminal application reads them, can potentially, at worst, result in possible code execution in the vul...

CVSS 8.6 | AI score 5.3 | EPSS 0.00213
CVE
added 2023/06/01 5:15 p.m. | 155 views

CVE-2023-32711

In Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, a Splunk dashboard view lets a low-privileged user exploit a vulnerability in the Bootstrap web framework (CVE-2019-8331) and build a stored cross-site scripting (XSS) payload.

CVSS 5.4 | AI score 6.2 | EPSS 0.02292
CVE
added 2023/06/01 5:15 p.m. | 151 views

CVE-2023-32706

On Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, an unauthenticated attacker can send specially-crafted messages to the XML parser within SAML authentication to cause a denial of service in the Splunk daemon.

CVSS 7.7 | AI score 6.7 | EPSS 0.00165
CVE
added 2023/06/01 5:15 p.m. | 148 views

CVE-2023-32714

In the Splunk App for Lookup File Editing versions below 4.0.1, a low-privileged user can, with a specially crafted web request, trigger a path traversal exploit that can then be used to read and write to restricted areas of the Splunk installation directory.

CVSS 8.1 | AI score 8 | EPSS 0.22215
CVE
added 2023/06/01 5:15 p.m. | 142 views

CVE-2023-32710

In Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, and in Splunk Cloud Platform versions below 9.0.2303.100, a low-privileged user can perform an unauthorized transfer of data from a search using the ‘copyresults’ command if they know the search ID (SID) of a search job that has recentl...

CVSS 5.3 | AI score 5.2 | EPSS 0.00215
CVE
added 2023/06/01 5:15 p.m. | 141 views

CVE-2023-32716

In Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform versions below 9.0.2303.100, an attacker can exploit a vulnerability in the ‘dump’ SPL command to cause a denial of service by crashing the Splunk daemon.

CVSS 6.5 | AI score 6.4 | EPSS 0.0016
CVE
added 2023/06/01 5:15 p.m. | 136 views

CVE-2023-32717

On Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, and in Splunk Cloud Platform versions below 9.0.2303.100, an unauthorized user can access the ‘/services/indexing/preview’ REST endpoint to overwrite search results if they know the search ID (SID) of an existing search job.

CVSS 4.3 | AI score 4.5 | EPSS 0.00091
CVE
added 2023/06/01 5:15 p.m. | 133 views

CVE-2023-32709

In Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform versions below 9.0.2303.100, a low-privileged user who holds the ‘user’ role can see the hashed version of the initial user name and password for the Splunk instance by using the ‘rest’ SPL command against the ...

CVSS 4.3 | AI score 4.9 | EPSS 0.00125