Vulnerabilidades em Splunk
170 resultadosCVE-2024-36987MEDIUMInsecure File Upload in the indexing/preview REST endpointEPSS 0.3%CVE-2024-53243MEDIUMInformation Disclosure in Mobile Alert Responses in Splunk Secure GatewayEPSS 0.3%CVE-2023-3997HIGHUnauthenticated Log Injection In Splunk SOAREPSS 0.3%CVE-2025-20230MEDIUMMissing Access Control and Incorrect Ownership of Data in App Key Value Store (KVStore) collections in the Splunk Secure Gateway AppEPSS 0.3%CVE-2025-20369MEDIUMExtensible Markup Language (XML) External Entity Injection (XXE) through Dashboard label field on Splunk EnterpriseEPSS 0.3%CVE-2026-20205HIGHSensitive Information Disclosure in ''_internal'' index in Splunk MCP Server appEPSS 0.3%CVE-2024-36989MEDIUMLow-privileged user could create notifications in Splunk Web Bulletin MessagesEPSS 0.3%CVE-2024-53246MEDIUMSensitive Information Disclosure through SPL commandsEPSS 0.3%CVE-2025-20383MEDIUMImproper access control through push notifications for reports and alerts in Splunk Secure Gateway appEPSS 0.3%CVE-2026-20252HIGHServer-Side Request Forgery (SSRF) through Dashboard Studio PDF Export in Splunk EnterpriseEPSS 0.3%CVE-2026-20256MEDIUMImproper Input Validation through Protocol-Relative URL in Classic Dashboards in Splunk EnterpriseEPSS 0.3%CVE-2025-22621MEDIUMPrivilege escalation for users who hold the “splunk_app_soar“ role in the Splunk App for SOAREPSS 0.3%CVE-2025-20323MEDIUMMissing Access Control of Saved Searches in the Splunk Archiver appEPSS 0.3%CVE-2025-20300MEDIUMImproper Access Control Lets Low-Privilege Users Suppress Read-Only Alerts in Splunk EnterpriseEPSS 0.3%CVE-2026-20254MEDIUMInformation Disclosure through External Content Restriction Bypass in Splunk EnterpriseEPSS 0.2%CVE-2026-20202MEDIUMImproper Input Validation during User Account Creation in Splunk EnterpriseEPSS 0.2%CVE-2025-20379LOWRisky command safeguards bypass using the “/services/streams/search“ REST endpoint through “q“ parameter in Splunk EnterpriseEPSS 0.2%CVE-2026-20255MEDIUMImproper Input Validation through Classic Dashboards in Splunk EnterpriseEPSS 0.2%CVE-2025-20298HIGHIncorrect permission assignment on Universal Forwarder for Windows during new installation or upgradeEPSS 0.2%CVE-2023-4571HIGHUnauthenticated Log Injection in Splunk IT Service Intelligence (ITSI)EPSS 0.2%