Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Splunk — Vulnerabilities & Security Advisories 155

Browse all 155 CVE security advisories affecting Splunk. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Splunk operates primarily as a data analytics platform designed for searching, monitoring, and analyzing machine-generated big data via a web interface. Its architecture, which integrates complex data ingestion pipelines with extensive third-party app ecosystems, has historically exposed it to diverse vulnerability classes. Recorded Common Vulnerabilities and Exposures (CVEs) frequently involve remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from improper input validation or insecure default configurations in its web components. While no single catastrophic breach defines its history, the sheer volume of disclosed flaws highlights systemic risks in its expansive feature set. Security practitioners must rigorously patch these instances, as the platform’s central role in enterprise observability makes unmitigated vulnerabilities particularly impactful. The current count of 155 CVEs underscores the necessity for continuous configuration auditing and strict access controls to maintain integrity within organizations relying on this infrastructure.

Found 138 results / 155Clear Filters
Top products by Splunk: Splunk Enterprise Splunk Add-on Builder Splunk App for Lookup File Editing Splunk Enterprise Security (ES) Splunk MCP Server Splunk App for Stream Splunk SOAR (On-premises) Splunk ITSI Splunk App for SOAR Splunk Supporting Add-on for Active Directory Splunk/UniversalForwarder for Windows Splunk Add-on for Palo Alto Networks
CVE IDTitleCVSSSeverityPublished
CVE-2025-20322 Denial of Service (DoS) in Search Head Cluster through Cross-Site Request Forgery (CSRF) in Splunk Enterprise — Splunk EnterpriseCWE-352 4.3 Medium2025-07-07
CVE-2025-20323 Missing Access Control of Saved Searches in the Splunk Archiver app — Splunk EnterpriseCWE-284 4.3 Medium2025-07-07
CVE-2025-20321 Membership State Change in Splunk Search Head Cluster through a Cross-Site Request Forgery (CSRF) in Splunk Enterprise — Splunk EnterpriseCWE-352 6.5 Medium2025-07-07
CVE-2025-20325 Sensitive Information Disclosure in the SHCConfig logging channel in Clustered Deployments in Splunk Enterprise — Splunk EnterpriseCWE-200 3.1 Low2025-07-07
CVE-2025-20319 Remote Command Execution through Scripted Input Files in Splunk Enterprise — Splunk EnterpriseCWE-78 6.8 Medium2025-07-07
CVE-2025-20320 Denial of Service (DoS) through “User Interface - Views“ configuration page in Splunk Enterprise — Splunk EnterpriseCWE-35 6.3 Medium2025-07-07
CVE-2025-20324 Improper Access Control in System Source Types Configuration in Splunk Enterprise — Splunk EnterpriseCWE-284 5.4 Medium2025-07-07
CVE-2025-20300 Improper Access Control Lets Low-Privilege Users Suppress Read-Only Alerts in Splunk Enterprise — Splunk EnterpriseCWE-863 4.3 Medium2025-07-07
CVE-2025-20297 Reflected Cross-Site Scripting (XSS) on Splunk Enterprise through dashboard PDF generation component — Splunk EnterpriseCWE-79 4.3 Medium2025-06-02
CVE-2025-20230 Missing Access Control and Incorrect Ownership of Data in App Key Value Store (KVStore) collections in the Splunk Secure Gateway App — Splunk EnterpriseCWE-284 4.3 Medium2025-03-26
CVE-2025-20232 Risky Command Safeguards Bypass in “/app/search/search“ endpoint through “s“ parameter in Splunk Enterprise — Splunk EnterpriseCWE-200 5.7 Medium2025-03-26
CVE-2025-20229 Remote Code Execution through file upload to “$SPLUNK_HOME/var/run/splunk/apptemp“ directory in Splunk Enterprise — Splunk EnterpriseCWE-284 8.0 High2025-03-26
CVE-2025-20228 Maintenance mode state change of App Key Value Store (KVStore) through a Cross-Site Request Forgery (CSRF) in Splunk Enterprise — Splunk EnterpriseCWE-352 6.5 Medium2025-03-26
CVE-2025-20227 Information Disclosure through external content warning modal dialog box bypass in Splunk Enterprise Dashboard Studio — Splunk EnterpriseCWE-20 4.3 Medium2025-03-26
CVE-2025-20226 Risky command safeguards bypass in “/services/streams/search“ endpoint through “q“ parameter in Splunk Enterprise — Splunk EnterpriseCWE-200 5.7 Medium2025-03-26
CVE-2025-20231 Sensitive Information Disclosure in Splunk Secure Gateway App — Splunk EnterpriseCWE-532 7.1 High2025-03-26
CVE-2024-53244 Risky command safeguards bypass in “/en-US/app/search/report“ endpoint through “s“ parameter — Splunk EnterpriseCWE-200 5.7 Medium2024-12-10
CVE-2024-53246 Sensitive Information Disclosure through SPL commands — Splunk EnterpriseCWE-319 5.3 Medium2024-12-10
CVE-2024-53243 Information Disclosure in Mobile Alert Responses in Splunk Secure Gateway — Splunk EnterpriseCWE-200 4.3 Medium2024-12-10
CVE-2024-53245 Information Disclosure due to Username Collision with a Role that has the same Name as the User — Splunk EnterpriseCWE-200 3.1 Low2024-12-10
CVE-2024-53247 Remote Code Execution through Deserialization of Untrusted Data in Splunk Secure Gateway app — Splunk EnterpriseCWE-502 8.8 High2024-12-10
CVE-2024-45739 Sensitive information disclosure in AdminManager logging channel — Splunk EnterpriseCWE-200 4.9 Medium2024-10-14
CVE-2024-45738 Sensitive information disclosure in REST_Calls logging channel — Splunk EnterpriseCWE-200 4.9 Medium2024-10-14
CVE-2024-45737 Maintenance mode state change of App Key Value Store (KVStore) through Cross-Site Request Forgery (CSRF) — Splunk EnterpriseCWE-352 4.3 Medium2024-10-14
CVE-2024-45733 Remote Code Execution (RCE) due to insecure session storage configuration in Splunk Enterprise on Windows — Splunk EnterpriseCWE-502 8.8 High2024-10-14
CVE-2024-45732 Low-privileged user could run search as nobody in SplunkDeploymentServerConfig app — Splunk EnterpriseCWE-862 7.1 High2024-10-14
CVE-2024-45736 Improperly Formatted ‘INGEST_EVAL’ Parameter Crashes Splunk Daemon — Splunk EnterpriseCWE-400 6.5 Medium2024-10-14
CVE-2024-45741 Persistent Cross-Site Scripting (XSS) via props.conf on Splunk Enterprise — Splunk EnterpriseCWE-79 5.4 Medium2024-10-14
CVE-2024-45734 Low Privilege User can View Images on the Host Machine by using the PDF Export feature in Splunk Classic Dashboard — Splunk EnterpriseCWE-284 4.3 Medium2024-10-14
CVE-2024-45740 Persistent Cross-Site Scripting (XSS) through Scheduled Views on Splunk Enterprise — Splunk EnterpriseCWE-79 5.4 Medium2024-10-14

This page lists every published CVE security advisory associated with Splunk. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.