CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-42743 – Local privilege escalation via a default path in Splunk Enterprise Windows
https://notcve.org/view.php?id=CVE-2021-42743
A misconfiguration in the node default path allows for local privilege escalation from a lower privileged user to the Splunk user in Splunk Enterprise versions before 8.1.1 on Windows. Una configuración errónea en la ruta por defecto del nodo permite una escalada de privilegios local de un usuario menos privilegiado al usuario de Splunk en Splunk Enterprise versiones anteriores a 8.1.1 en Windows • https://www.splunk.com/en_us/product-security/announcements/svd-2022-0501.html • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-3422 – Indexer denial-of-service via malformed S2S request
https://notcve.org/view.php?id=CVE-2021-3422
The lack of validation of a key-value field in the Splunk-to-Splunk protocol results in a denial-of-service in Splunk Enterprise instances configured to index Universal Forwarder traffic. The vulnerability impacts Splunk Enterprise versions before 7.3.9, 8.0 versions before 8.0.9, and 8.1 versions before 8.1.3. It does not impact Universal Forwarders. When Splunk forwarding is secured using TLS or a Token, the attack requires compromising the certificate or token, or both. Implementation of either or both reduces the severity to Medium. • https://claroty.com/2022/03/24/blog-research-locking-down-splunk-enterprise-indexers-and-forwarders https://www.splunk.com/en_us/product-security/announcements/svd-2022-0301.html • CWE-20: Improper Input Validation CWE-125: Out-of-bounds Read •
CVSS: 5.4EPSS: 0%CPEs: 7EXPL: 0CVE-2019-5727
https://notcve.org/view.php?id=CVE-2019-5727
Splunk Web in Splunk Enterprise 6.5.x before 6.5.5, 6.4.x before 6.4.9, 6.3.x before 6.3.12, 6.2.x before 6.2.14, 6.1.x before 6.1.14, and 6.0.x before 6.0.15 and Splunk Light before 6.6.0 has Persistent XSS, aka SPL-138827. Splunk Web en Splunk Enterprise, en versiones 6.5.x anteriores a la 6.5.5, versiones 6.4.x anteriores a la 6.4.9, versiones 6.3.x anteriores a la 6.3.12, versiones 6.2.x anteriores a la 6.2.14, versiones 6.1.x anteriores a la 6.1.14 y versiones 6.0.x anteriores a la 6.0.15; y Splunk Light, en versiones anteriores a la 6.6.0, tiene Cross-Site Scripting (XSS) persistente. Esto también se conoce como SPL-138827. • http://www.securityfocus.com/bid/107113 https://www.splunk.com/view/SP-CAAAQAF • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2018-7432
https://notcve.org/view.php?id=CVE-2018-7432
Splunk Enterprise 6.2.x before 6.2.14, 6.3.x before 6.3.10, 6.4.x before 6.4.7, and 6.5.x before 6.5.3; and Splunk Light before 6.6.0 allow remote attackers to cause a denial of service via a crafted HTTP request. Splunk Enterprise en versiones 6.2.x anteriores a la 6.2.14, versiones 6.3.x anteriores a la 6.3.10, versiones 6.4.x anteriores a la 6.3.11 y versiones 6.5.x anteriores a la 6.5.3; y en Splunk Light en versiones anteriores a la 6.6.0 permite que atacantes remotos provoquen una denegación de servicio (DoS) mediante una petición HTTP manipulada. • https://www.splunk.com/view/SP-CAAAP5T • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2018-7429
https://notcve.org/view.php?id=CVE-2018-7429
Splunkd in Splunk Enterprise 6.2.x before 6.2.14 6.3.x before 6.3.11, and 6.4.x before 6.4.8; and Splunk Light before 6.5.0 allow remote attackers to cause a denial of service via a malformed HTTP request. Splunkd en Splunk Enterprise en versiones 6.2.x anteriores a la 6.2.14, versiones 6.3.x anteriores a la 6.3.11 y versiones 6.4.x anteriores a la 6.4.8; y en Splunk Light en versiones anteriores a la 6.5.0 permite que atacantes remotos provoquen una denegación de servicio (DoS) mediante una petición HTTP mal formada. • https://www.splunk.com/view/SP-CAAAP5T • CWE-20: Improper Input Validation •