24 results (0.004 seconds)

CVSS: 4.9EPSS: 0%CPEs: 3EXPL: 0

In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes plaintext passwords for local native authentication Splunk users. This exposure could happen when you configure the Splunk Enterprise AdminManager log channel at the DEBUG logging level. • https://advisory.splunk.com/advisories/SVD-2024-1009 https://research.splunk.com/application/93dc7182-c5da-4085-82ec-401abf33d623 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 4.9EPSS: 0%CPEs: 3EXPL: 0

In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes sensitive HTTP parameters to the `_internal` index. This exposure could happen if you configure the Splunk Enterprise `REST_Calls` log channel at the DEBUG logging level. • https://advisory.splunk.com/advisories/SVD-2024-1008 https://research.splunk.com/application/93dc7182-c5da-4085-82ec-401abf33d623 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 0

In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.108, and 9.1.2312.204, a low-privileged user that does not hold the "admin" or "power" Splunk roles could change the maintenance mode state of App Key Value Store (KVStore) through a Cross-Site Request Forgery (CSRF). • https://advisory.splunk.com/advisories/SVD-2024-1007 https://research.splunk.com/application/34bac267-a89b-4bd7-a072-a48eef1f15b8 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0

In Splunk Enterprise for Windows versions below 9.2.3 and 9.1.6, a low-privileged user that does not hold the "admin" or "power" Splunk roles could perform a Remote Code Execution (RCE) due to an insecure session storage configuration. • https://advisory.splunk.com/advisories/SVD-2024-1003 https://research.splunk.com/application/c97e0704-d9c6-454d-89ba-1510a987bf72 • CWE-502: Deserialization of Untrusted Data •

CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0

In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.107, 9.1.2312.204, and 9.1.2312.111, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a search query with an improperly formatted "INGEST_EVAL" parameter as part of a [Field Transformation](https://docs.splunk.com/Documentation/Splunk/latest/Knowledge/Managefieldtransforms) which could crash the Splunk daemon (splunkd). • https://advisory.splunk.com/advisories/SVD-2024-1006 https://research.splunk.com/application/08978eca-caff-44c1-84dc-53f17def4e14 • CWE-400: Uncontrolled Resource Consumption •