Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1020 CNY

100%
Buy Us a Coffee

Splunk Enterprise — Vulnerabilities & Security Advisories 147

All 147 CVE vulnerabilities found in Splunk Enterprise, with AI-generated Chinese analysis, references, and POCs.

This page provides a comprehensive aggregation of known vulnerabilities and weaknesses for the Splunk Enterprise product, focusing on Common Weakness Enumeration (CWE) classifications and associated security tags. It collects data on a wide variety of security flaws, including remote code execution, privilege escalation, cross-site scripting, and authentication bypass issues, covering reported vulnerabilities from early product releases through the most recent updates. By centralizing this information, the resource allows users to effectively track vendor advisories as they are issued, gain a deeper understanding of specific weakness classes prevalent in the software ecosystem, and look up the historical vulnerability record of the product to assess long-term security posture. The content is structured to help administrators and security analysts prioritize remediation efforts by providing context on the severity and nature of each disclosed issue. This aggregation serves as a reference point for identifying patterns in software defects and aligning patch management strategies with industry-standard risk assessments. The data presented here is intended to support informed decision-making regarding system hardening and maintenance schedules without requiring access to external notification services. Users can utilize this summary to complement internal scanning results and ensure that all known exploitable conditions are addressed within their deployment environments.

Vendor: Splunk Inc.

CVE IDTitleCVSSSeverityPublished
CVE-2023-40595 Remote Code Execution via Serialized Session Payload CWE-502 8.8 High2023-08-30
CVE-2023-40598 Command Injection in Splunk Enterprise Using External Lookups CWE-77 8.5 High2023-08-30
CVE-2023-32709 Low-privileged User can View Hashed Default Splunk Password CWE-285 4.3 Medium2023-06-01
CVE-2023-32707 ‘edit_user’ Capability Privilege Escalation CWE-285 8.8 High2023-06-01
CVE-2023-32712 Unauthenticated Log Injection in Splunk Enterprise CWE-117 8.6 High2023-06-01
CVE-2023-32716 Denial of Service via the 'dump' SPL command CWE-754 6.5 Medium2023-06-01
CVE-2023-32710 Information Disclosure via the ‘copyresults’ SPL Command CWE-200 4.8 Medium2023-06-01
CVE-2023-32717 Role-based Access Control (RBAC) Bypass on '/services/indexing/preview' REST Endpoint Can Overwrite Search Results CWE-285 4.3 Medium2023-06-01
CVE-2023-32706 Denial Of Service due to Untrusted XML Tag in XML Parser within SAML Authentication CWE-611 7.7 High2023-06-01
CVE-2023-32711 Persistent Cross-Site Scripting (XSS) through a URL Validation Bypass within a Dashboard View CWE-79 5.4 Medium2023-06-01
CVE-2023-32708 HTTP Response Splitting via the ‘rest’ SPL Command CWE-113 7.2 High2023-06-01
CVE-2023-22939 SPL Command Safeguards Bypass via the ‘map’ SPL Command in Splunk Enterprise CWE-20 8.1 High2023-02-14
CVE-2023-22938 Permissions Validation Failure in the ‘sendemail’ REST API Endpoint in Splunk Enterprise CWE-285 4.3 Medium2023-02-14
CVE-2023-22937 Unnecessary File Extensions Allowed by Lookup Table Uploads in Splunk Enterprise CWE-20 4.3 Medium2023-02-14
CVE-2023-22933 Persistent Cross-Site Scripting through the ‘module’ Tag in a View in Splunk Enterprise CWE-79 8.0 High2023-02-14
CVE-2023-22932 Persistent Cross-Site Scripting through a Base64-encoded Image in a View in Splunk Enterprise CWE-79 8.0 High2023-02-14
CVE-2023-22942 Cross-Site Request Forgery in the ‘ssg/kvstore_client’ REST Endpoint in Splunk Enterprise CWE-352 5.4 Medium2023-02-14
CVE-2023-22936 Authenticated Blind Server Side Request Forgery via the ‘search_listener’ Search Parameter in Splunk Enterprise CWE-918 6.3 Medium2023-02-14
CVE-2023-22931 ‘createrss’ External Search Command Overwrites Existing RSS Feeds in Splunk Enterprise CWE-285 4.3 Medium2023-02-14
CVE-2023-22941 Improperly Formatted ‘INGEST_EVAL’ Parameter Crashes Splunk Daemon CWE-248 6.5 Medium2023-02-14
CVE-2023-22935 SPL Command Safeguards Bypass via the ‘display.page.search.patterns.sensitivity’ Search Parameter in Splunk Enterprise CWE-20 8.1 High2023-02-14
CVE-2023-22934 SPL Command Safeguards Bypass via the ‘pivot’ SPL Command in Splunk Enterprise CWE-20 7.3 High2023-02-14
CVE-2023-22940 SPL Command Safeguards Bypass via the ‘collect’ SPL Command Aliases in Splunk Enterprise CWE-20 6.3 Medium2023-02-14
CVE-2022-43572 Indexing blockage via malformed data sent through S2S or HEC protocols in Splunk Enterprise CWE-400 7.5 High2022-11-04
CVE-2022-43570 XML External Entity Injection through a custom View in Splunk Enterprise CWE-611 8.8 High2022-11-04
CVE-2022-43569 Persistent Cross-Site Scripting via a Data Model object name in Splunk Enterprise CWE-79 8.0 High2022-11-04
CVE-2022-43568 Reflected Cross-Site Scripting via the radio template in Splunk Enterprise CWE-79 8.8 High2022-11-04
CVE-2022-43567 Remote Code Execution via the Splunk Secure Gateway application Mobile Alerts feature CWE-502 8.8 High2022-11-04
CVE-2022-43566 Risky command safeguards bypass via Search ID query in Analytics Workspace in Splunk Enterprise CWE-20 7.3 High2022-11-04
CVE-2022-43565 Risky command safeguards bypass via ‘tstats command JSON in Splunk Enterprise CWE-20 8.1 High2022-11-04

All 147 known CVE vulnerabilities affecting Splunk Enterprise with full Chinese analysis, references, and POCs where available.