Splunk Enterprise — Vulnerabilities & Security Advisories (149)

All 149 CVE vulnerabilities found in Splunk Enterprise, with AI-generated Chinese analysis, references, and POCs.

This page provides a comprehensive aggregation of known vulnerabilities and weaknesses for the Splunk Enterprise product, focusing on Common Weakness Enumeration (CWE) classifications and associated security tags. It collects data on a wide variety of security flaws, including remote code execution, privilege escalation, cross-site scripting, and authentication bypass issues, covering reported vulnerabilities from early product releases through the most recent updates. By centralizing this information, the resource allows users to effectively track vendor advisories as they are issued, gain a deeper understanding of specific weakness classes prevalent in the software ecosystem, and look up the historical vulnerability record of the product to assess long-term security posture. The content is structured to help administrators and security analysts prioritize remediation efforts by providing context on the severity and nature of each disclosed issue. This aggregation serves as a reference point for identifying patterns in software defects and aligning patch management strategies with industry-standard risk assessments. The data presented here is intended to support informed decision-making regarding system hardening and maintenance schedules without requiring access to external notification services. Users can utilize this summary to complement internal scanning results and ensure that all known exploitable conditions are addressed within their deployment environments.

Vendor: Splunk Inc.

| CVE ID | Title | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|
| CVE-2025-20366 | Improper Access Control in Background Job Submission in Splunk Enterprise | CWE-284 | 6.5 | Medium | 2025-10-01 |
| CVE-2025-20369 | Extensible Markup Language (XML) External Entity Injection (XXE) through Dashboard label field on Splunk Enterprise | CWE-776 | 4.6 | Medium | 2025-10-01 |
| CVE-2025-20322 | Denial of Service (DoS) in Search Head Cluster through Cross-Site Request Forgery (CSRF) in Splunk Enterprise | CWE-352 | 4.3 | Medium | 2025-07-07 |
| CVE-2025-20323 | Missing Access Control of Saved Searches in the Splunk Archiver app | CWE-284 | 4.3 | Medium | 2025-07-07 |
| CVE-2025-20321 | Membership State Change in Splunk Search Head Cluster through a Cross-Site Request Forgery (CSRF) in Splunk Enterprise | CWE-352 | 6.5 | Medium | 2025-07-07 |
| CVE-2025-20325 | Sensitive Information Disclosure in the SHCConfig logging channel in Clustered Deployments in Splunk Enterprise | CWE-200 | 3.1 | Low | 2025-07-07 |
| CVE-2025-20319 | Remote Command Execution through Scripted Input Files in Splunk Enterprise | CWE-78 | 6.8 | Medium | 2025-07-07 |
| CVE-2025-20324 | Improper Access Control in System Source Types Configuration in Splunk Enterprise | CWE-284 | 5.4 | Medium | 2025-07-07 |
| CVE-2025-20320 | Denial of Service (DoS) through “User Interface - Views” configuration page in Splunk Enterprise | CWE-35 | 6.3 | Medium | 2025-07-07 |
| CVE-2025-20300 | Improper Access Control Lets Low-Privilege Users Suppress Read-Only Alerts in Splunk Enterprise | CWE-863 | 4.3 | Medium | 2025-07-07 |
| CVE-2025-20297 | Reflected Cross-Site Scripting (XSS) on Splunk Enterprise through dashboard PDF generation component | CWE-79 | 4.3 | Medium | 2025-06-02 |
| CVE-2025-20230 | Missing Access Control and Incorrect Ownership of Data in App Key Value Store (KVStore) collections in the Splunk Secure Gateway App | CWE-284 | 4.3 | Medium | 2025-03-26 |
| CVE-2025-20232 | Risky Command Safeguards Bypass in “/app/search/search” endpoint through “s” parameter in Splunk Enterprise | CWE-200 | 5.7 | Medium | 2025-03-26 |
| CVE-2025-20229 | Remote Code Execution through file upload to “$SPLUNK_HOME/var/run/splunk/apptemp” directory in Splunk Enterprise | CWE-284 | 8.0 | High | 2025-03-26 |
| CVE-2025-20228 | Maintenance mode state change of App Key Value Store (KVStore) through a Cross-Site Request Forgery (CSRF) in Splunk Enterprise | CWE-352 | 6.5 | Medium | 2025-03-26 |
| CVE-2025-20227 | Information Disclosure through external content warning modal dialog box bypass in Splunk Enterprise Dashboard Studio | CWE-20 | 4.3 | Medium | 2025-03-26 |
| CVE-2025-20226 | Risky command safeguards bypass in “/services/streams/search” endpoint through “q” parameter in Splunk Enterprise | CWE-200 | 5.7 | Medium | 2025-03-26 |
| CVE-2025-20231 | Sensitive Information Disclosure in Splunk Secure Gateway App | CWE-532 | 7.1 | High | 2025-03-26 |
| CVE-2024-53244 | Risky command safeguards bypass in “/en-US/app/search/report” endpoint through “s” parameter | CWE-200 | 5.7 | Medium | 2024-12-10 |
| CVE-2024-53246 | Sensitive Information Disclosure through SPL commands | CWE-319 | 5.3 | Medium | 2024-12-10 |
| CVE-2024-53243 | Information Disclosure in Mobile Alert Responses in Splunk Secure Gateway | CWE-200 | 4.3 | Medium | 2024-12-10 |
| CVE-2024-53245 | Information Disclosure due to Username Collision with a Role that has the same Name as the User | CWE-200 | 3.1 | Low | 2024-12-10 |
| CVE-2024-53247 | Remote Code Execution through Deserialization of Untrusted Data in Splunk Secure Gateway app | CWE-502 | 8.8 | High | 2024-12-10 |
| CVE-2024-45739 | Sensitive information disclosure in AdminManager logging channel | CWE-200 | 4.9 | Medium | 2024-10-14 |
| CVE-2024-45738 | Sensitive information disclosure in REST_Calls logging channel | CWE-200 | 4.9 | Medium | 2024-10-14 |
| CVE-2024-45737 | Maintenance mode state change of App Key Value Store (KVStore) through Cross-Site Request Forgery (CSRF) | CWE-352 | 4.3 | Medium | 2024-10-14 |
| CVE-2024-45732 | Low-privileged user could run search as nobody in SplunkDeploymentServerConfig app | CWE-862 | 7.1 | High | 2024-10-14 |
| CVE-2024-45733 | Remote Code Execution (RCE) due to insecure session storage configuration in Splunk Enterprise on Windows | CWE-502 | 8.8 | High | 2024-10-14 |
| CVE-2024-45736 | Improperly Formatted ‘INGEST_EVAL’ Parameter Crashes Splunk Daemon | CWE-400 | 6.5 | Medium | 2024-10-14 |
| CVE-2024-45741 | Persistent Cross-Site Scripting (XSS) via props.conf on Splunk Enterprise | CWE-79 | 5.4 | Medium | 2024-10-14 |

All 149 known CVE vulnerabilities affecting Splunk Enterprise with full Chinese analysis, references, and POCs where available.