Page 5 of 51 results (0.002 seconds)

CVSS: 8.0EPSS: 0%CPEs: 4EXPL: 1

In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, a View allows for Cross-Site Scripting (XSS) in an extensible mark-up language (XML) View through the ‘layoutPanel’ attribute in the ‘module’ tag’. • https://advisory.splunk.com/advisories/SVD-2023-0203 https://research.splunk.com/application/9ac2bfea-a234-4a18-9d37-6d747e85c2e4 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 0%CPEs: 3EXPL: 0

In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, a cross-site request forgery in the Splunk Secure Gateway (SSG) app in the ‘kvstore_client’ REST endpoint lets a potential attacker update SSG KV store collections using an HTTP GET request. • https://advisory.splunk.com/advisories/SVD-2023-0212 https://research.splunk.com/application/4742d5f7-ce00-45ce-9c79-5e98b43b4410 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 6.3EPSS: 0%CPEs: 4EXPL: 0

In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘search_listener’ parameter in a search allows for a blind server-side request forgery (SSRF) by an authenticated user. The initiator of the request cannot see the response without the presence of an additional vulnerability within the environment. • https://advisory.splunk.com/advisories/SVD-2023-0206 https://research.splunk.com/application/ee69374a-d27e-4136-adac-956a96ff60fd • CWE-918: Server-Side Request Forgery (SSRF) •

CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 1

In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, an improperly-formatted ‘INGEST_EVAL’ parameter in a Field Transformation crashes the Splunk daemon (splunkd). • https://github.com/eduardosantos1989/CVE-2023-22941 https://advisory.splunk.com/advisories/SVD-2023-0211 https://research.splunk.com/application/08978eca-caff-44c1-84dc-53f17def4e14 • CWE-248: Uncaught Exception •

CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0

In Splunk Enterprise versions below 8.1.13 and 8.2.10, the ‘createrss’ external search command overwrites existing Resource Description Format Site Summary (RSS) feeds without verifying permissions. This feature has been deprecated and disabled by default. • https://advisory.splunk.com/advisories/SVD-2023-0201 https://research.splunk.com/application/ee69374a-d27e-4136-adac-956a96ff60fd • CWE-276: Incorrect Default Permissions CWE-285: Improper Authorization •