Vulnerabilidades em Splunk
170 resultadosCVE-2024-36983HIGHCommand Injection using External LookupsEPSS 1.0%CVE-2024-29945HIGHSplunk Authentication Token Exposure in Debug Log in Splunk EnterpriseEPSS 0.9%CVE-2022-32152HIGHSplunk Enterprise lacked TLS cert validation for Splunk-to-Splunk communication by defaultEPSS 0.8%CVE-2023-22933HIGHPersistent Cross-Site Scripting through the ‘module’ Tag in a View in Splunk EnterpriseEPSS 0.8%CVE-2023-40595HIGHRemote Code Execution via Serialized Session PayloadEPSS 0.8%CVE-2021-31559HIGHS2S TcpToken authentication bypassEPSS 0.8%CVE-2022-43564MEDIUMDenial of Service in Splunk Enterprise through search macrosEPSS 0.8%CVE-2021-33845MEDIUMUsername enumeration through lockout message in REST APIEPSS 0.8%CVE-2022-43566HIGHRisky command safeguards bypass via Search ID query in Analytics Workspace in Splunk EnterpriseEPSS 0.8%CVE-2024-29946HIGHRisky command safeguards bypass in Dashboard Examples HubEPSS 0.8%CVE-2022-43572HIGHIndexing blockage via malformed data sent through S2S or HEC protocols in Splunk EnterpriseEPSS 0.8%CVE-2023-32708HIGHHTTP Response Splitting via the ‘rest’ SPL CommandEPSS 0.7%CVE-2021-26253HIGHBypass of Splunk Enterprise's implementation of DUO MFAEPSS 0.7%CVE-2022-32156HIGHSplunk Enterprise and Universal Forwarder CLI connections lacked TLS cert validationEPSS 0.7%CVE-2022-43569HIGHPersistent Cross-Site Scripting via a Data Model object name in Splunk EnterpriseEPSS 0.7%CVE-2024-36990MEDIUMDenial of Service (DoS) on the datamodel/web REST endpointEPSS 0.7%CVE-2022-43570HIGHXML External Entity Injection through a custom View in Splunk EnterpriseEPSS 0.7%CVE-2022-43561MEDIUMPersistent Cross-Site Scripting in “Save Table” Dialog in Splunk EnterpriseEPSS 0.6%CVE-2023-32716MEDIUMDenial of Service via the 'dump' SPL commandEPSS 0.6%CVE-2022-27183HIGHReflected XSS in a query parameter of the Monitoring ConsoleEPSS 0.6%