Vulnerabilidades en Splunk
170 resultadosCVE-2023-22935HIGHSPL Command Safeguards Bypass via the ‘display.page.search.patterns.sensitivity’ Search Parameter in Splunk EnterpriseEPSS 0.6%CVE-2023-32706HIGHDenial Of Service due to Untrusted XML Tag in XML Parser within SAML AuthenticationEPSS 0.6%CVE-2023-40598HIGHCommand Injection in Splunk Enterprise Using External LookupsEPSS 0.6%CVE-2022-43565HIGHRisky command safeguards bypass via ‘tstats command JSON in Splunk EnterpriseEPSS 0.6%CVE-2022-43563HIGHRisky command safeguards bypass via rex search command field names in Splunk EnterpriseEPSS 0.6%CVE-2022-26070MEDIUMError message discloses internal pathEPSS 0.6%CVE-2023-22939HIGHSPL Command Safeguards Bypass via the ‘map’ SPL Command in Splunk EnterpriseEPSS 0.6%CVE-2021-3422HIGHIndexer denial-of-service via malformed S2S requestEPSS 0.6%CVE-2026-20251HIGHRemote Code Execution through Deserialization of Untrusted Data in Splunk Secure GatewayEPSS 0.6%CVE-2024-36997MEDIUMPersistent Cross-site Scripting (XSS) in conf-web/settings REST endpointEPSS 0.5%CVE-2023-40592HIGHReflected Cross-site Scripting (XSS) on "/app/search/table" web endpointEPSS 0.5%CVE-2024-45736MEDIUMImproperly Formatted ‘INGEST_EVAL’ Parameter Crashes Splunk DaemonEPSS 0.5%CVE-2025-20370MEDIUMDenial of Service (DoS) through Multiple LDAP Bind Requests in Splunk EnterpriseEPSS 0.5%CVE-2024-45731HIGHPotential Remote Command Execution (RCE) through arbitrary file write to Windows system root directory when Splunk Enterprise for Windows is installed on a separate diskEPSS 0.5%CVE-2024-22165MEDIUMDenial of Service in Splunk Enterprise Security of the Investigations manager through Investigation creationEPSS 0.5%CVE-2024-45739MEDIUMSensitive information disclosure in AdminManager logging channelEPSS 0.5%CVE-2024-36982HIGHDenial of Service through null pointer reference in “cluster/config” REST endpointEPSS 0.5%CVE-2024-45738MEDIUMSensitive information disclosure in REST_Calls logging channelEPSS 0.5%CVE-2023-40593MEDIUMDenial of Service (DoS) in Splunk Enterprise Using a Malformed SAML RequestEPSS 0.5%CVE-2026-20239HIGHSensitive Information Disclosure through Log Files in Splunk EnterpriseEPSS 0.5%