Splunk — Vulnerabilities & Security Advisories 155

Browse all 155 CVE security advisories affecting Splunk. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Splunk operates primarily as a data analytics platform designed for searching, monitoring, and analyzing machine-generated big data via a web interface. Its architecture, which integrates complex data ingestion pipelines with extensive third-party app ecosystems, has historically exposed it to diverse vulnerability classes. Recorded Common Vulnerabilities and Exposures (CVEs) frequently involve remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from improper input validation or insecure default configurations in its web components. While no single catastrophic breach defines its history, the sheer volume of disclosed flaws highlights systemic risks in its expansive feature set. Security practitioners must rigorously patch these instances, as the platform’s central role in enterprise observability makes unmitigated vulnerabilities particularly impactful. The current count of 155 CVEs underscores the necessity for continuous configuration auditing and strict access controls to maintain integrity within organizations relying on this infrastructure.

Found 138 results / 155
| CVE ID | Title | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|
| CVE-2024-45731 | Potential Remote Command Execution (RCE) through arbitrary file write to Windows system root directory when Splunk Enterprise for Windows is installed on a separate disk — Splunk Enterprise | CWE-23 | 8.0 | High | 2024-10-14 |
| CVE-2024-45735 | Improper Access Control for low-privileged user in Splunk Secure Gateway App — Splunk Enterprise | CWE-284 | 4.3 | Medium | 2024-10-14 |
| CVE-2024-36997 | Persistent Cross-site Scripting (XSS) in conf-web/settings REST endpoint — Splunk Enterprise | CWE-79 | 4.6 | High | 2024-07-01 |
| CVE-2024-36993 | Persistent Cross-site Scripting (XSS) in Web Bulletin — Splunk Enterprise | CWE-79 | 5.4 | Medium | 2024-07-01 |
| CVE-2024-36995 | Low-privileged user could create experimental items — Splunk Enterprise | CWE-862 | 4.3 | Medium | 2024-07-01 |
| CVE-2024-36991 | Path Traversal on the “/modules/messaging/” endpoint in Splunk Enterprise on Windows — Splunk Enterprise | CWE-35 | 7.5 | High | 2024-07-01 |
| CVE-2024-36982 | Denial of Service through null pointer reference in “cluster/config” REST endpoint — Splunk Enterprise | CWE-476 | 7.5 | High | 2024-07-01 |
| CVE-2024-36990 | Denial of Service (DoS) on the datamodel/web REST endpoint — Splunk Enterprise | CWE-835 | 6.5 | Medium | 2024-07-01 |
| CVE-2024-36985 | Remote Code Execution (RCE) through an external lookup due to “copybuckets.py” script in the “splunk_archiver” application in Splunk Enterprise — Splunk Enterprise | CWE-687 | 8.8 | High | 2024-07-01 |
| CVE-2024-36992 | Persistent Cross-site Scripting (XSS) in Dashboard Elements — Splunk Enterprise | CWE-79 | 5.4 | Medium | 2024-07-01 |
| CVE-2024-36984 | Remote Code Execution through Serialized Session Payload in Splunk Enterprise on Windows — Splunk Enterprise | CWE-502 | 8.8 | High | 2024-07-01 |
| CVE-2024-36983 | Command Injection using External Lookups — Splunk Enterprise | CWE-77 | 8.0 | High | 2024-07-01 |
| CVE-2024-36986 | Risky command safeguards bypass through Search ID query in Analytics Workspace — Splunk Enterprise | CWE-200 | 6.3 | Medium | 2024-07-01 |
| CVE-2024-36996 | Information Disclosure of user names — Splunk Enterprise | CWE-204 | 5.3 | Medium | 2024-07-01 |
| CVE-2024-36994 | Persistent Cross-site Scripting (XSS) in Dashboard Elements — Splunk Enterprise | CWE-79 | 5.4 | Medium | 2024-07-01 |
| CVE-2024-36989 | Low-privileged user could create notifications in Splunk Web Bulletin Messages — Splunk Enterprise | CWE-284 | 6.5 | High | 2024-07-01 |
| CVE-2024-36987 | Insecure File Upload in the indexing/preview REST endpoint — Splunk Enterprise | CWE-434 | 4.3 | Medium | 2024-07-01 |
| CVE-2024-29945 | Splunk Authentication Token Exposure in Debug Log in Splunk Enterprise — Splunk Enterprise | CWE-532 | 7.2 | High | 2024-03-27 |
| CVE-2024-29946 | Risky command safeguards bypass in Dashboard Examples Hub — Splunk Enterprise | CWE-20 | 8.1 | High | 2024-03-27 |
| CVE-2024-23676 | Sensitive Information Disclosure of Index Metrics through “mrollup” SPL Command — Splunk Enterprise | CWE-20 | 4.6 | Medium | 2024-01-22 |
| CVE-2024-23678 | Deserialization of Untrusted Data on Splunk Enterprise for Windows through Path Traversal from Separate Disk Partition — Splunk Enterprise | CWE-20 | 7.5 | High | 2024-01-22 |
| CVE-2024-23677 | Server Response Disclosure in RapidDiag Salesforce.com Log File — Splunk Enterprise | CWE-532 | 4.3 | Medium | 2024-01-22 |
| CVE-2024-23675 | Splunk App Key Value Store (KV Store) Improper Handling of Permissions Leads to KV Store Collection Deletion — Splunk Enterprise | CWE-284 | 6.5 | Medium | 2024-01-22 |
| CVE-2023-46213 | Cross-site Scripting (XSS) on “Show Syntax Highlighted” View in Search Page — Splunk Enterprise | CWE-79 | 4.8 | Medium | 2023-11-16 |
| CVE-2023-46214 | Remote code execution (RCE) in Splunk Enterprise through Insecure XML Parsing — Splunk Enterprise | CWE-91 | 8.0 | High | 2023-11-16 |
| CVE-2023-40597 | Absolute Path Traversal in Splunk Enterprise Using runshellscript.py — Splunk Enterprise | CWE-36 | 7.8 | High | 2023-08-30 |
| CVE-2023-40596 | Splunk Enterprise on Windows Privilege Escalation due to Insecure OPENSSLDIR Build Definition Reference in DLL — Splunk Enterprise | CWE-665 | 7.0 | High | 2023-08-30 |
| CVE-2023-40594 | Denial of Service (DoS) via the ‘printf’ Search Function — Splunk Enterprise | CWE-400 | 6.5 | Medium | 2023-08-30 |
| CVE-2023-40593 | Denial of Service (DoS) in Splunk Enterprise Using a Malformed SAML Request — Splunk Enterprise | CWE-400 | 6.3 | Medium | 2023-08-30 |
| CVE-2023-40592 | Reflected Cross-site Scripting (XSS) on "/app/search/table" web endpoint — Splunk Enterprise | CWE-79 | 8.4 | High | 2023-08-30 |

This page lists every published CVE security advisory associated with Splunk. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.