📦 Splunk Cloud Platform
by Splunk
🛡️ Security Overview
⚠️ Known Vulnerabilities
This vulnerability allows unauthenticated attackers to perform blind server-side request forgery (SSRF) against vulnerable Splunk deployments, potentially enabling them to make REST API calls with the...
This vulnerability allows low-privileged Splunk users without admin or power roles to execute arbitrary code on the server by uploading files to a specific directory. It affects Splunk Enterprise vers...
This vulnerability allows an admin user in Splunk Enterprise and Splunk Cloud Platform to store and execute arbitrary JavaScript code in other users' browsers through the conf-web/settings REST endpoi...
This vulnerability allows authenticated users in Splunk Enterprise and Cloud Platform to create external lookups that call legacy internal functions, enabling them to insert and execute arbitrary code...
This vulnerability in Splunk Enterprise allows attackers to execute arbitrary code by crafting malicious queries that exploit insecure deserialization. It affects Splunk Enterprise versions before 8.2...
This vulnerability allows attackers to exploit absolute path traversal in Splunk Enterprise to execute arbitrary code from separate disks. It affects Splunk Enterprise versions below 8.2.12, 9.0.6, an...
This CVE describes a reflected cross-site scripting (XSS) vulnerability in Splunk Enterprise's /app/search/table endpoint. Attackers can craft malicious web requests to execute arbitrary commands on v...
This vulnerability allows unauthenticated attackers to send specially-crafted XML messages to Splunk's SAML authentication parser, causing a denial of service that crashes the Splunk daemon. It affect...
This CVE describes an HTTP response splitting vulnerability in Splunk's 'rest' SPL command that allows low-privileged users to potentially access arbitrary REST endpoints. Affected systems include Spl...
This vulnerability allows attackers to inject malicious scripts into Splunk Web views through Base64-encoded image error messages. When exploited, it enables cross-site scripting attacks that can stea...
This vulnerability allows authenticated Splunk users to bypass SPL safeguards for risky commands by crafting a saved search job that uses the 'pivot' command. When a higher-privileged user initiates t...
This vulnerability in Splunk Enterprise allows higher-privileged users to bypass SPL safeguards for risky commands via the 'map' search command. It affects Splunk Enterprise instances with Splunk Web ...
Splunk Universal Forwarder versions before 9.0 have remote management services enabled by default, exposing management ports to network access. This configuration issue could allow unauthorized remote...
Splunk Enterprise and Splunk Cloud Platform versions before 9.0 and 8.2.2203 respectively did not validate TLS certificates during Splunk-to-Splunk communications by default. This allows attackers wit...
This vulnerability allows authenticated users with access to Splunk's _internal index to view SAML configuration data in plain text within log files. This affects Splunk Enterprise and Splunk Cloud Pl...
A low-privileged user without admin or power roles can craft a malicious payload in the label column field when adding a new device in the Splunk Secure Gateway app, potentially causing client-side de...
This vulnerability allows low-privileged Splunk users who subscribe to mobile push notifications to receive notification titles and descriptions for reports or alerts they don't have permission to vie...
An unauthenticated attacker can inject ANSI escape codes into Splunk log files via the /en-US/static/ endpoint, allowing them to manipulate or obfuscate log data. This affects Splunk Enterprise versio...
This vulnerability allows authenticated Splunk users with the 'change_authentication' capability to send multiple LDAP bind requests to a specific internal endpoint, causing high CPU usage that can le...
A low-privileged user in Splunk Enterprise or Splunk Cloud Platform can access sensitive search results by guessing the unique Search ID (SID) of administrative background search jobs. This affects us...
This is a cross-site scripting (XSS) vulnerability in Splunk Enterprise and Splunk Cloud Platform that allows low-privileged users to inject malicious JavaScript through the dataset.command parameter....
This CVE describes a cross-site scripting (XSS) vulnerability in Splunk Enterprise and Splunk Cloud Platform where low-privileged users can inject malicious JavaScript through saved search error messa...
This CSRF vulnerability in Splunk Enterprise and Cloud Platform allows unauthenticated attackers to trigger rolling restarts in Search Head Clusters by tricking administrators into executing malicious...
This vulnerability allows low-privileged Splunk users without admin or power roles to create or overwrite system source type configurations via a crafted REST API request. It affects Splunk Enterprise...
In affected Splunk Enterprise and Cloud Platform versions, a low-privileged user with read-only access to a specific alert can suppress that alert when it triggers. This allows users without admin or ...
A path traversal vulnerability in Splunk Enterprise and Cloud Platform allows low-privileged users to delete arbitrary files via a malicious payload on the User Interface - Views configuration page, p...
This CVE describes a privilege escalation vulnerability in Splunk Enterprise and Cloud Platform where low-privileged users can bypass SPL safeguards for risky commands. Attackers can trick authenticat...
A Cross-Site Request Forgery (CSRF) vulnerability in Splunk Enterprise and Splunk Cloud Platform allows low-privileged users without admin or power roles to change the maintenance mode state of App Ke...
This vulnerability allows low-privileged Splunk users to bypass SPL safeguards for risky commands by tricking higher-privileged users into executing malicious saved searches. It affects Splunk Enterpr...
This CVE describes an information disclosure vulnerability in Splunk Enterprise and Splunk Cloud Platform where SPL commands can potentially expose sensitive data. The vulnerability requires chaining ...
This vulnerability allows low-privileged Splunk users to bypass command safeguards by tricking higher-privileged users into executing saved searches containing risky commands. It affects Splunk Enterp...
This CVE describes a cross-site scripting (XSS) vulnerability in Splunk Enterprise and Splunk Cloud Platform where low-privileged users can create malicious configuration files that execute unauthoriz...
This vulnerability allows low-privileged users without admin or power roles to view App Key Value Store (KV Store) deployment configuration and public/private keys in the Splunk Secure Gateway App. Th...
This CSRF vulnerability allows low-privileged Splunk users without admin or power roles to change the maintenance mode state of the App Key Value Store (KVStore). Attackers could trick authenticated u...
This CVE describes a cross-site scripting (XSS) vulnerability in Splunk Enterprise and Splunk Cloud Platform where low-privileged users can inject malicious JavaScript through Bulletin Messages. The i...
This CVE allows low-privileged users without admin or power roles to create experimental items in Splunk Enterprise and Splunk Cloud Platform. This violates intended access controls and could enable u...
This vulnerability allows authenticated users with the 'change_authentication' capability to enumerate internal IP addresses and network ports when adding search peers in Splunk distributed environmen...
This CVE describes an unvalidated redirect vulnerability in Splunk Enterprise and Cloud Platform where low-privileged authenticated users can create dashboard views with custom backgrounds using base6...
This is a stored cross-site scripting (XSS) vulnerability in Splunk Enterprise and Splunk Cloud Platform. An authenticated user with admin_all_objects privilege can inject malicious JavaScript into na...
This vulnerability allows low-privileged Splunk users to bypass SPL safeguards for risky commands by exploiting character encoding in REST API paths. Attackers could execute saved searches with elevat...
This vulnerability allows unauthenticated attackers to craft malicious URLs that exploit an unvalidated redirect in Splunk Web's login endpoint. When authenticated users click these links, they can be...