Splunk Security Vulnerabilities (CVEs)

Track 82 security vulnerabilities affecting Splunk products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.

5 Critical

45 High

27 Medium

5 Low

Sort by:

🔔 Get Alerts for Splunk

CVE-2023-40597 7.8

This vulnerability allows attackers to exploit absolute path traversal in Splunk Enterprise to execute arbitrary code from separate disks. It affects ...

Aug 30, 2023

CVE-2023-40592 8.4

This CVE describes a reflected cross-site scripting (XSS) vulnerability in Splunk Enterprise's /app/search/table endpoint. Attackers can craft malicio...

Aug 30, 2023

CVE-2023-3997 8.6

CVE-2023-3997 is a log file poisoning vulnerability in Splunk SOAR where attackers can inject malicious ANSI escape sequences through web requests. Wh...

Jul 31, 2023

CVE-2023-32706 7.7

This vulnerability allows unauthenticated attackers to send specially-crafted XML messages to Splunk's SAML authentication parser, causing a denial of...

Jun 1, 2023

CVE-2023-32708 7.2

This CVE describes an HTTP response splitting vulnerability in Splunk's 'rest' SPL command that allows low-privileged users to potentially access arbi...

Jun 1, 2023

CVE-2023-32712 8.6

This vulnerability allows attackers to inject ANSI escape codes into Splunk log files, which could lead to code execution in vulnerable terminal appli...

Jun 1, 2023

CVE-2023-32714 8.1

CVE-2023-32714 is a path traversal vulnerability in Splunk App for Lookup File Editing that allows low-privileged users to read and write files in res...

Jun 1, 2023

CVE-2023-27533 8.8

A vulnerability in curl versions before 8.0 allows attackers to inject malicious content during TELNET protocol negotiation when user input is accepte...

Mar 30, 2023

CVE-2023-27534 8.8

A path traversal vulnerability in curl's SFTP implementation allows attackers to bypass path filtering by using specially crafted paths containing til...

Mar 30, 2023

CVE-2023-23914 9.1

A vulnerability in curl versions before 7.88.0 causes HSTS (HTTP Strict Transport Security) to fail when processing multiple URLs sequentially on the ...

Feb 23, 2023

CVE-2023-22932 8.7

This vulnerability allows attackers to inject malicious scripts into Splunk Web views through Base64-encoded image error messages. When exploited, it ...

Feb 14, 2023

CVE-2023-22934 7.3

This vulnerability allows authenticated Splunk users to bypass SPL safeguards for risky commands by crafting a saved search job that uses the 'pivot' ...

Feb 14, 2023

CVE-2023-22939 8.1

This vulnerability in Splunk Enterprise allows higher-privileged users to bypass SPL safeguards for risky commands via the 'map' search command. It af...

Feb 14, 2023

CVE-2022-32221 9.8

This vulnerability in libcurl allows an attacker to cause memory corruption or data leakage when reusing a handle from a PUT to a POST request. Applic...

Dec 5, 2022

CVE-2022-35737 7.5

This SQLite vulnerability allows array-bounds overflow when processing extremely large string arguments (billions of bytes) through certain C API func...

Aug 3, 2022

CVE-2022-32207 9.8

CVE-2022-32207 is a privilege escalation vulnerability in curl versions before 7.84.0 where file permission widening occurs during atomic file operati...

Jul 7, 2022

CVE-2022-32156 8.1

Splunk Enterprise and Universal Forwarder versions before 9.0 do not validate TLS certificates by default when the CLI connects to remote Splunk insta...

Jun 15, 2022

CVE-2022-32155 7.5

Splunk Universal Forwarder versions before 9.0 have remote management services enabled by default, exposing management ports to network access. This c...

Jun 15, 2022

CVE-2022-32158 9.0

This vulnerability allows an attacker who compromises a Universal Forwarder endpoint to deploy malicious forwarder bundles to all other Universal Forw...

Jun 15, 2022

CVE-2022-32152 8.1

Splunk Enterprise and Splunk Cloud Platform versions before 9.0 and 8.2.2203 respectively did not validate TLS certificates during Splunk-to-Splunk co...

Jun 15, 2022

CVE-2022-27780 7.5

The curl URL parser incorrectly accepts percent-encoded URL separators like '/' in hostnames, allowing attackers to bypass filters and checks by makin...

Jun 2, 2022

CVE-2022-27782 7.5

libcurl incorrectly reuses TLS/SSH connections when security settings have changed, potentially allowing sensitive data to be transmitted over less se...

Jun 2, 2022

CVE-2022-27775 7.5

This curl vulnerability allows information disclosure when an attacker can force curl to reuse an existing IPv6 connection from the pool with a differ...

Jun 2, 2022

CVE-2022-27778 8.1

This vulnerability in curl versions before 7.83.1 could cause the wrong file to be deleted when using the --no-clobber option with --remove-on-error. ...

Jun 2, 2022

CVE-2021-26253 8.1

This vulnerability allows attackers to bypass DUO multi-factor authentication in Splunk Enterprise, enabling unauthorized access to protected Splunk i...

May 6, 2022

CVE-2021-42743 8.8

This vulnerability allows a local Windows user with lower privileges to escalate to the Splunk user account through a path misconfiguration. It affect...

May 6, 2022

CVE-2022-26889 8.8

This path traversal vulnerability in Splunk Enterprise allows attackers to inject arbitrary content into web pages or bypass SPL command safeguards. I...

May 6, 2022

CVE-2021-3422 7.5

A lack of validation in the Splunk-to-Splunk protocol allows attackers to cause denial-of-service in vulnerable Splunk Enterprise instances. This affe...

Mar 25, 2022

CVE-2021-22926 7.5

This vulnerability allows attackers to trick libcurl applications into using a malicious client certificate instead of the intended one when running i...

Aug 5, 2021

CVE-2021-30560 8.8

This is a use-after-free vulnerability in Chrome's Blink XSLT processor that allows remote attackers to potentially exploit heap corruption. Attackers...

Aug 3, 2021

CVE-2021-22901 8.1

CVE-2021-22901 is a use-after-free vulnerability in curl/libcurl that allows a malicious TLS 1.3 server to potentially execute arbitrary code on the c...

Jun 11, 2021

CVE-2021-3520 9.8

CVE-2021-3520 is an integer overflow vulnerability in the LZ4 compression library that allows attackers to trigger out-of-bounds writes by submitting ...

Jun 2, 2021

← Previous Page 2 of 2

Why Monitor Splunk Security Vulnerabilities?

Real-time CVE tracking: Our automated system monitors 82+ known vulnerabilities affecting Splunk products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.

Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Splunk packages in under 60 seconds. No agents required - completely agentless scanning that works across Splunk deployments.

Free vulnerability database: Access detailed information about every Splunk CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.

🚀 Get Started in 60 Seconds

Register free account & add your servers
Run one-time scan or schedule automatic monitoring (every 1-24 hours)
Receive instant alerts when new Splunk CVEs affect your systems
Access dashboard with severity breakdown & fix instructions

Start Monitoring Splunk CVEs Free