Filtered by vendor Splunk
Subscriptions
Filtered by product Splunk Enterprise
Subscriptions
Total
29 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-45735 | 1 Splunk | 4 Splunk, Splunk Cloud Platform, Splunk Enterprise and 1 more | 2025-02-28 | 4.3 Medium |
| In Splunk Enterprise versions below 9.2.3 and 9.1.6, and Splunk Secure Gateway versions on Splunk Cloud Platform versions below 3.4.259, 3.6.17, and 3.7.0, a low-privileged user that does not hold the "admin" or "power" Splunk roles can see App Key Value Store (KV Store) deployment configuration and public/private keys in the Splunk Secure Gateway App. | ||||
| CVE-2024-45732 | 1 Splunk | 3 Splunk, Splunk Cloud Platform, Splunk Enterprise | 2025-02-28 | 7.1 High |
| In Splunk Enterprise versions below 9.3.1, and 9.2.0 versions below 9.2.3, and Splunk Cloud Platform versions below 9.2.2403.103, 9.1.2312.200, 9.1.2312.110 and 9.1.2308.208, a low-privileged user that does not hold the "admin" or "power" Splunk roles could run a search as the "nobody" Splunk user in the SplunkDeploymentServerConfig app. This could let the low-privileged user access potentially restricted data. | ||||
| CVE-2024-36982 | 1 Splunk | 4 Cloud, Splunk, Splunk Cloud Platform and 1 more | 2025-02-28 | 7.5 High |
| In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.109 and 9.1.2308.207, an attacker could trigger a null pointer reference on the cluster/config REST endpoint, which could result in a crash of the Splunk daemon. | ||||
| CVE-2024-45731 | 2 Microsoft, Splunk | 3 Windows, Splunk, Splunk Enterprise | 2025-02-28 | 8 High |
| In Splunk Enterprise for Windows versions below 9.3.1, 9.2.3, and 9.1.6, a low-privileged user that does not hold the "admin" or "power" Splunk roles could write a file to the Windows system root directory, which has a default location in the Windows System32 folder, when Splunk Enterprise for Windows is installed on a separate drive. | ||||
| CVE-2024-45733 | 2 Microsoft, Splunk | 3 Windows, Splunk, Splunk Enterprise | 2025-02-28 | 8.8 High |
| In Splunk Enterprise for Windows versions below 9.2.3 and 9.1.6, a low-privileged user that does not hold the "admin" or "power" Splunk roles could perform a Remote Code Execution (RCE) due to an insecure session storage configuration. | ||||
| CVE-2024-45734 | 1 Splunk | 2 Splunk, Splunk Enterprise | 2025-02-28 | 4.3 Medium |
| In Splunk Enterprise versions 9.3.0, 9.2.3, and 9.1.6, a low-privileged user that does not hold the "admin" or "power" Splunk roles could view images on the machine that runs Splunk Enterprise by using the PDF export feature in Splunk classic dashboards. The images on the machine could be exposed by exporting the dashboard as a PDF, using the local image path in the img tag in the source extensible markup language (XML) code for the Splunk classic dashboard. | ||||
| CVE-2024-53243 | 1 Splunk | 2 Splunk Enterprise, Splunk Secure Gateway | 2025-02-28 | 4.3 Medium |
| In Splunk Enterprise versions below 9.3.2, 9.2.4, and 9.1.7 and versions below 3.2.462, 3.7.18, and 3.8.5 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user that does not hold the “admin“ or “power“ Splunk roles could see alert search query responses using Splunk Secure Gateway App Key Value Store (KVstore) collections endpoints due to improper access control. | ||||
| CVE-2024-53247 | 1 Splunk | 2 Splunk Enterprise, Splunk Secure Gateway | 2025-02-28 | 8.8 High |
| In Splunk Enterprise versions below 9.3.2, 9.2.4, and 9.1.7, and versions below 3.4.261 and 3.7.13 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user that does not hold the “admin“ or “power“ Splunk roles could perform a Remote Code Execution (RCE). | ||||
| CVE-2024-36996 | 1 Splunk | 3 Splunk, Splunk Cloud Platform, Splunk Enterprise | 2025-02-28 | 5.3 Medium |
| In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.109, an attacker could determine whether or not another user exists on the instance by deciphering the error response that they would likely receive from the instance when they attempt to log in. This disclosure could then lead to additional brute-force password-guessing attacks. This vulnerability would require that the Splunk platform instance uses the Security Assertion Markup Language (SAML) authentication scheme. | ||||