
CVSS: 8.8 • EPSS: 0% • CPEs: 4 • EXPL: 0

In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘map’ search processing language (SPL) command lets a search bypass SPL safeguards for risky commands. The vulnerability requires a higher privileged user to initiate a request within their browser and only affects instances with Splunk Web enabled. • https://advisory.splunk.com/advisories/SVD-2023-0209 https://research.splunk.com/application/ee69374a-d27e-4136-adac-956a96ff60fd • CWE-20: Improper Input Validation

CVSS: 4.3 • EPSS: 0% • CPEs: 4 • EXPL: 0

In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘sendemail’ REST API endpoint lets any authenticated user send an email as the Splunk instance. The endpoint is now restricted to the ‘splunk-system-user’ account on the local instance. • https://advisory.splunk.com/advisories/SVD-2023-0208 • CWE-285: Improper Authorization

CVSS: 4.3 • EPSS: 0% • CPEs: 4 • EXPL: 0

In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the lookup table upload feature let a user upload lookup tables with unnecessary filename extensions. Lookup table file extensions may now be one of the following only: .csv, .csv.gz, .kmz, .kml, .mmdb, or .mmdb.gzl. • https://advisory.splunk.com/advisories/SVD-2023-0207 https://research.splunk.com/application/b7d1293f-e78f-415e-b5f6-443df3480082 • CWE-20: Improper Input Validation; CWE-434: Unrestricted Upload of File with Dangerous Type

CVSS: 8.0 • EPSS: 0% • CPEs: 4 • EXPL: 1

In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, a View allows for Cross-Site Scripting (XSS) in an extensible mark-up language (XML) View through the ‘layoutPanel’ attribute in the ‘module’ tag. • https://advisory.splunk.com/advisories/SVD-2023-0203 https://research.splunk.com/application/9ac2bfea-a234-4a18-9d37-6d747e85c2e4 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 8.7 • EPSS: 0% • CPEs: 2 • EXPL: 0

In Splunk Enterprise 9.0 versions before 9.0.4, a View allows for Cross-Site Scripting (XSS) through the error message in a Base64-encoded image. The vulnerability affects instances with Splunk Web enabled. It does not affect Splunk Enterprise versions below 9.0. • https://advisory.splunk.com/advisories/SVD-2023-0202 https://research.splunk.com/application/ce6e1268-e01c-4df2-a617-0f034ed49a43 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')