CVSS: 7.8EPSS: 14%CPEs: 4EXPL: 5CVE-2024-36991 – Path Traversal on the “/modules/messaging/“ endpoint in Splunk Enterprise on Windows
https://notcve.org/view.php?id=CVE-2024-36991
01 Jul 2024 — In Splunk Enterprise on Windows versions below 9.2.2, 9.1.5, and 9.0.10, an attacker could perform a path traversal on the /modules/messaging/ endpoint in Splunk Enterprise on Windows. This vulnerability should only affect Splunk Enterprise on Windows. En las versiones de Splunk Enterprise en Windows inferiores a 9.2.2, 9.1.5 y 9.0.10, un atacante podría realizar un path traversal en el endpoint /modules/messaging/ en Splunk Enterprise en Windows. Esta vulnerabilidad solo debería afectar a Splunk Enterprise... • https://github.com/bigb0x/CVE-2024-36991 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-35: Path Traversal: '.../ •
CVSS: 8.3EPSS: 0%CPEs: 3EXPL: 0CVE-2024-29945 – Splunk Authentication Token Exposure in Debug Log in Splunk Enterprise
https://notcve.org/view.php?id=CVE-2024-29945
27 Mar 2024 — In Splunk Enterprise versions below 9.2.1, 9.1.4, and 9.0.9, the software potentially exposes authentication tokens during the token validation process. This exposure happens when either Splunk Enterprise runs in debug mode or the JsonWebToken component has been configured to log its activity at the DEBUG logging level. En las versiones de Splunk Enterprise inferiores a 9.2.1, 9.1.4 y 9.0.9, el software potencialmente expone tokens de autenticación durante el proceso de validación del token. Esta exposición... • https://advisory.splunk.com/advisories/SVD-2024-0301 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 9.4EPSS: 0%CPEs: 3EXPL: 0CVE-2024-29946 – Risky command safeguards bypass in Dashboard Examples Hub
https://notcve.org/view.php?id=CVE-2024-29946
27 Mar 2024 — In Splunk Enterprise versions below 9.2.1, 9.1.4, and 9.0.9, the Dashboard Examples Hub lacks protections for risky SPL commands. This could let attackers bypass SPL safeguards for risky commands in the Hub. The vulnerability would require the attacker to phish the victim by tricking them into initiating a request within their browser. En las versiones de Splunk Enterprise inferiores a 9.2.1, 9.1.4 y 9.0.9, el Centro de ejemplos de paneles de la aplicación Splunk Dashboard Studio carece de protección para c... • https://advisory.splunk.com/advisories/SVD-2024-0302 • CWE-20: Improper Input Validation CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-23678 – Deserialization of Untrusted Data on Splunk Enterprise for Windows through Path Traversal from Separate Disk Partition
https://notcve.org/view.php?id=CVE-2024-23678
22 Jan 2024 — In Splunk Enterprise for Windows versions below 9.0.8 and 9.1.3, Splunk Enterprise does not correctly sanitize path input data. This results in the unsafe deserialization of untrusted data from a separate disk partition on the machine. This vulnerability only affects Splunk Enterprise for Windows. En las versiones de Splunk Enterprise para Windows inferiores a 9.0.8 y 9.1.3, Splunk Enterprise no sanitiza correctamente los datos de entrada de ruta. Esto da como resultado la deserialización insegura de datos ... • https://advisory.splunk.com/advisories/SVD-2024-0108 • CWE-20: Improper Input Validation •
CVSS: 4.6EPSS: 0%CPEs: 3EXPL: 0CVE-2024-23676 – Sensitive Information Disclosure of Index Metrics through “mrollup” SPL Command
https://notcve.org/view.php?id=CVE-2024-23676
22 Jan 2024 — In Splunk versions below 9.0.8 and 9.1.3, the “mrollup” SPL command lets a low-privileged user view metrics on an index that they do not have permission to view. This vulnerability requires user interaction from a high-privileged user to exploit. En las versiones de Splunk inferiores a 9.0.8 y 9.1.3, el comando SPL “mrollup” permite a un usuario con pocos privilegios ver métricas en un índice para el que no tiene permiso. Esta vulnerabilidad requiere la interacción de un usuario con altos privilegios para p... • https://advisory.splunk.com/advisories/SVD-2024-0106 • CWE-20: Improper Input Validation •
CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-23675 – Splunk App Key Value Store (KV Store) Improper Handling of Permissions Leads to KV Store Collection Deletion
https://notcve.org/view.php?id=CVE-2024-23675
22 Jan 2024 — In Splunk Enterprise versions below 9.0.8 and 9.1.3, Splunk app key value store (KV Store) improperly handles permissions for users that use the REST application programming interface (API). This can potentially result in the deletion of KV Store collections. En las versiones de Splunk Enterprise inferiores a 9.0.8 y 9.1.3, el almacén de valores clave de la aplicación Splunk (KV Store) maneja incorrectamente los permisos para los usuarios que usan la interfaz de programación de aplicaciones (API) REST. Pote... • https://advisory.splunk.com/advisories/SVD-2024-0105 • CWE-284: Improper Access Control CWE-863: Incorrect Authorization •
CVSS: 4.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-46213 – Cross-site Scripting (XSS) on “Show Syntax Highlighted” View in Search Page
https://notcve.org/view.php?id=CVE-2023-46213
16 Nov 2023 — In Splunk Enterprise versions below 9.0.7 and 9.1.2, ineffective escaping in the “Show syntax Highlighted” feature can result in the execution of unauthorized code in a user’s web browser. En las versiones de Splunk Enterprise inferiores a 9.0.7 y 9.1.2, el escape ineficaz en la función "Mostrar sintaxis resaltada" puede resultar en la ejecución de código no autorizado en el navegador web de un usuario. • https://advisory.splunk.com/advisories/SVD-2023-1103 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 17%CPEs: 3EXPL: 1CVE-2023-46214 – Remote code execution (RCE) in Splunk Enterprise through Insecure XML Parsing
https://notcve.org/view.php?id=CVE-2023-46214
16 Nov 2023 — In Splunk Enterprise versions below 9.0.7 and 9.1.2, Splunk Enterprise does not safely sanitize extensible stylesheet language transformations (XSLT) that users supply. This means that an attacker can upload malicious XSLT which can result in remote code execution on the Splunk Enterprise instance. En las versiones de Splunk Enterprise inferiores a 9.0.7 y 9.1.2, Splunk Enterprise no sanitiza de forma segura las transformaciones de lenguaje de hojas de estilo extensibles (XSLT) que proporcionan los usuarios... • https://packetstorm.news/files/id/176154 • CWE-91: XML Injection (aka Blind XPath Injection) •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-40597 – Absolute Path Traversal in Splunk Enterprise Using runshellscript.py
https://notcve.org/view.php?id=CVE-2023-40597
30 Aug 2023 — In Splunk Enterprise versions lower than 8.2.12, 9.0.6, and 9.1.1, an attacker can exploit an absolute path traversal to execute arbitrary code that is located on a separate disk. • https://advisory.splunk.com/advisories/SVD-2023-0806 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-36: Absolute Path Traversal •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-40596 – Splunk Enterprise on Windows Privilege Escalation due to Insecure OPENSSLDIR Build Definition Reference in DLL
https://notcve.org/view.php?id=CVE-2023-40596
30 Aug 2023 — In Splunk Enterprise versions earlier than 8.2.12, 9.0.6, and 9.1.1, a dynamic link library (DLL) that ships with Splunk Enterprise references an insecure path for the OPENSSLDIR build definition. An attacker can abuse this reference and subsequently install malicious code to achieve privilege escalation on the Windows machine. • https://advisory.splunk.com/advisories/SVD-2023-0805 • CWE-427: Uncontrolled Search Path Element CWE-665: Improper Initialization •