Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1020 CNY

100%
Buy Us a Coffee

Splunk Enterprise — Vulnerabilities & Security Advisories 149

All 149 CVE vulnerabilities found in Splunk Enterprise, with AI-generated Chinese analysis, references, and POCs.

This page provides a comprehensive aggregation of known vulnerabilities and weaknesses for the Splunk Enterprise product, focusing on Common Weakness Enumeration (CWE) classifications and associated security tags. It collects data on a wide variety of security flaws, including remote code execution, privilege escalation, cross-site scripting, and authentication bypass issues, covering reported vulnerabilities from early product releases through the most recent updates. By centralizing this information, the resource allows users to effectively track vendor advisories as they are issued, gain a deeper understanding of specific weakness classes prevalent in the software ecosystem, and look up the historical vulnerability record of the product to assess long-term security posture. The content is structured to help administrators and security analysts prioritize remediation efforts by providing context on the severity and nature of each disclosed issue. This aggregation serves as a reference point for identifying patterns in software defects and aligning patch management strategies with industry-standard risk assessments. The data presented here is intended to support informed decision-making regarding system hardening and maintenance schedules without requiring access to external notification services. Users can utilize this summary to complement internal scanning results and ensure that all known exploitable conditions are addressed within their deployment environments.

Vendor: Splunk Inc.

CVE IDTitleCVSSSeverityPublished
CVE-2024-45734 Low Privilege User can View Images on the Host Machine by using the PDF Export feature in Splunk Classic Dashboard CWE-284 4.3 Medium2024-10-14
CVE-2024-45740 Persistent Cross-Site Scripting (XSS) through Scheduled Views on Splunk Enterprise CWE-79 5.4 Medium2024-10-14
CVE-2024-45731 Potential Remote Command Execution (RCE) through arbitrary file write to Windows system root directory when Splunk Enterprise for Windows is installed on a separate disk CWE-23 8.0 High2024-10-14
CVE-2024-45735 Improper Access Control for low-privileged user in Splunk Secure Gateway App CWE-284 4.3 Medium2024-10-14
CVE-2024-36997 Persistent Cross-site Scripting (XSS) in conf-web/settings REST endpoint CWE-79 4.6 High2024-07-01
CVE-2024-36993 Persistent Cross-site Scripting (XSS) in Web Bulletin CWE-79 5.4 Medium2024-07-01
CVE-2024-36995 Low-privileged user could create experimental items CWE-862 4.3 Medium2024-07-01
CVE-2024-36991 Path Traversal on the “/modules/messaging/“ endpoint in Splunk Enterprise on Windows CWE-35 7.5 High2024-07-01
CVE-2024-36982 Denial of Service through null pointer reference in “cluster/config” REST endpoint CWE-476 7.5 High2024-07-01
CVE-2024-36990 Denial of Service (DoS) on the datamodel/web REST endpoint CWE-835 6.5 Medium2024-07-01
CVE-2024-36985 Remote Code Execution (RCE) through an external lookup due to “copybuckets.py“ script in the “splunk_archiver“ application in Splunk Enterprise CWE-687 8.8 High2024-07-01
CVE-2024-36992 Persistent Cross-site Scripting (XSS) in Dashboard Elements CWE-79 5.4 Medium2024-07-01
CVE-2024-36984 Remote Code Execution through Serialized Session Payload in Splunk Enterprise on Windows CWE-502 8.8 High2024-07-01
CVE-2024-36983 Command Injection using External Lookups CWE-77 8.0 High2024-07-01
CVE-2024-36986 Risky command safeguards bypass through Search ID query in Analytics Workspace CWE-200 6.3 Medium2024-07-01
CVE-2024-36996 Information Disclosure of user names CWE-204 5.3 Medium2024-07-01
CVE-2024-36994 Persistent Cross-site Scripting (XSS) in Dashboard Elements CWE-79 5.4 Medium2024-07-01
CVE-2024-36989 Low-privileged user could create notifications in Splunk Web Bulletin Messages CWE-284 6.5 High2024-07-01
CVE-2024-36987 Insecure File Upload in the indexing/preview REST endpoint CWE-434 4.3 Medium2024-07-01
CVE-2024-29945 Splunk Authentication Token Exposure in Debug Log in Splunk Enterprise CWE-532 7.2 High2024-03-27
CVE-2024-29946 Risky command safeguards bypass in Dashboard Examples Hub CWE-20 8.1 High2024-03-27
CVE-2024-23676 Sensitive Information Disclosure of Index Metrics through “mrollup” SPL Command CWE-20 4.6 Medium2024-01-22
CVE-2024-23678 Deserialization of Untrusted Data on Splunk Enterprise for Windows through Path Traversal from Separate Disk Partition CWE-20 7.5 High2024-01-22
CVE-2024-23677 Server Response Disclosure in RapidDiag Salesforce.com Log File CWE-532 4.3 Medium2024-01-22
CVE-2024-23675 Splunk App Key Value Store (KV Store) Improper Handling of Permissions Leads to KV Store Collection Deletion CWE-284 6.5 Medium2024-01-22
CVE-2023-46213 Cross-site Scripting (XSS) on “Show Syntax Highlighted” View in Search Page CWE-79 4.8 Medium2023-11-16
CVE-2023-46214 Remote code execution (RCE) in Splunk Enterprise through Insecure XML Parsing CWE-91 8.0 High2023-11-16
CVE-2023-40597 Absolute Path Traversal in Splunk Enterprise Using runshellscript.py CWE-36 7.8 High2023-08-30
CVE-2023-40596 Splunk Enterprise on Windows Privilege Escalation due to Insecure OPENSSLDIR Build Definition Reference in DLL CWE-665 7.0 High2023-08-30
CVE-2023-40594 Denial of Service (DoS) via the ‘printf’ Search Function CWE-400 6.5 Medium2023-08-30

All 149 known CVE vulnerabilities affecting Splunk Enterprise with full Chinese analysis, references, and POCs where available.