Splunk — Vulnerabilities & Security Advisories 155

Browse all 155 CVE security advisories affecting Splunk. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Splunk operates primarily as a data analytics platform designed for searching, monitoring, and analyzing machine-generated big data via a web interface. Its architecture, which integrates complex data ingestion pipelines with extensive third-party app ecosystems, has historically exposed it to diverse vulnerability classes. Recorded Common Vulnerabilities and Exposures (CVEs) frequently involve remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from improper input validation or insecure default configurations in its web components. While no single catastrophic breach defines its history, the sheer volume of disclosed flaws highlights systemic risks in its expansive feature set. Security practitioners must rigorously patch these instances, as the platform’s central role in enterprise observability makes unmitigated vulnerabilities particularly impactful. The current count of 155 CVEs underscores the necessity for continuous configuration auditing and strict access controls to maintain integrity within organizations relying on this infrastructure.

| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2023-22943 | Modular Input REST API Requests Connect via HTTP after Certificate Validation Failure in Splunk Add-on Builder and Splunk CloudConnect SDK | Splunk Add-on Builder | CWE-636 | 4.8 | Medium | 2023-02-14 |
| CVE-2023-22933 | Persistent Cross-Site Scripting through the ‘module’ Tag in a View in Splunk Enterprise | Splunk Enterprise | CWE-79 | 8.0 | High | 2023-02-14 |
| CVE-2023-22932 | Persistent Cross-Site Scripting through a Base64-encoded Image in a View in Splunk Enterprise | Splunk Enterprise | CWE-79 | 8.0 | High | 2023-02-14 |
| CVE-2023-22942 | Cross-Site Request Forgery in the ‘ssg/kvstore_client’ REST Endpoint in Splunk Enterprise | Splunk Enterprise | CWE-352 | 5.4 | Medium | 2023-02-14 |
| CVE-2023-22936 | Authenticated Blind Server Side Request Forgery via the ‘search_listener’ Search Parameter in Splunk Enterprise | Splunk Enterprise | CWE-918 | 6.3 | Medium | 2023-02-14 |
| CVE-2023-22931 | ‘createrss’ External Search Command Overwrites Existing RSS Feeds in Splunk Enterprise | Splunk Enterprise | CWE-285 | 4.3 | Medium | 2023-02-14 |
| CVE-2023-22941 | Improperly Formatted ‘INGEST_EVAL’ Parameter Crashes Splunk Daemon | Splunk Enterprise | CWE-248 | 6.5 | Medium | 2023-02-14 |
| CVE-2023-22935 | SPL Command Safeguards Bypass via the ‘display.page.search.patterns.sensitivity’ Search Parameter in Splunk Enterprise | Splunk Enterprise | CWE-20 | 8.1 | High | 2023-02-14 |
| CVE-2023-22934 | SPL Command Safeguards Bypass via the ‘pivot’ SPL Command in Splunk Enterprise | Splunk Enterprise | CWE-20 | 7.3 | High | 2023-02-14 |
| CVE-2023-22940 | SPL Command Safeguards Bypass via the ‘collect’ SPL Command Aliases in Splunk Enterprise | Splunk Enterprise | CWE-20 | 6.3 | Medium | 2023-02-14 |
| CVE-2022-43572 | Indexing blockage via malformed data sent through S2S or HEC protocols in Splunk Enterprise | Splunk Enterprise | CWE-400 | 7.5 | High | 2022-11-04 |
| CVE-2022-43570 | XML External Entity Injection through a custom View in Splunk Enterprise | Splunk Enterprise | CWE-611 | 8.8 | High | 2022-11-04 |
| CVE-2022-43569 | Persistent Cross-Site Scripting via a Data Model object name in Splunk Enterprise | Splunk Enterprise | CWE-79 | 8.0 | High | 2022-11-04 |
| CVE-2022-43568 | Reflected Cross-Site Scripting via the radio template in Splunk Enterprise | Splunk Enterprise | CWE-79 | 8.8 | High | 2022-11-04 |
| CVE-2022-43567 | Remote Code Execution via the Splunk Secure Gateway application Mobile Alerts feature | Splunk Enterprise | CWE-502 | 8.8 | High | 2022-11-04 |
| CVE-2022-43566 | Risky command safeguards bypass via Search ID query in Analytics Workspace in Splunk Enterprise | Splunk Enterprise | CWE-20 | 7.3 | High | 2022-11-04 |
| CVE-2022-43565 | Risky command safeguards bypass via ‘tstats’ command JSON in Splunk Enterprise | Splunk Enterprise | CWE-20 | 8.1 | High | 2022-11-04 |
| CVE-2022-43564 | Denial of Service in Splunk Enterprise through search macros | Splunk Enterprise | CWE-400 | 4.9 | Medium | 2022-11-04 |
| CVE-2022-43563 | Risky command safeguards bypass via rex search command field names in Splunk Enterprise | Splunk Enterprise | CWE-20 | 8.1 | High | 2022-11-04 |
| CVE-2022-43562 | Host Header Injection in Splunk Enterprise | Splunk Enterprise | CWE-20 | 3.0 | Low | 2022-11-04 |
| CVE-2022-43571 | Remote Code Execution through dashboard PDF generation component in Splunk Enterprise | Splunk Enterprise | CWE-94 | 8.8 | High | 2022-11-03 |
| CVE-2022-43561 | Persistent Cross-Site Scripting in “Save Table” Dialog in Splunk Enterprise | Splunk Enterprise | CWE-79 | 6.4 | Medium | 2022-11-03 |
| CVE-2022-37437 | Ingest Actions UI in Splunk Enterprise 9.0.0 disabled TLS certificate validation | Splunk Enterprise | CWE-295 | 7.4 | High | 2022-08-16 |
| CVE-2022-37439 | Malformed ZIP file crashes Universal Forwarders and Splunk Enterprise through file monitoring input | Splunk Enterprise | CWE-409 | 5.5 | Medium | 2022-08-16 |
| CVE-2022-37438 | Information disclosure via the dashboard drilldown in Splunk Enterprise | Splunk Enterprise | CWE-200 | 2.6 | Low | 2022-08-16 |
| CVE-2022-32152 | Splunk Enterprise lacked TLS cert validation for Splunk-to-Splunk communication by default | Splunk Enterprise | CWE-295 | 8.1 | High | 2022-06-15 |
| CVE-2022-32156 | Splunk Enterprise and Universal Forwarder CLI connections lacked TLS cert validation | Splunk Enterprise | CWE-295 | 8.1 | High | 2022-06-14 |
| CVE-2022-27183 | Reflected XSS in a query parameter of the Monitoring Console | Splunk Enterprise | CWE-79 | 8.8 | High | 2022-05-06 |
| CVE-2022-26889 | Path Traversal in search parameter results in external content injection | Splunk Enterprise | CWE-20 | 8.8 | High | 2022-05-06 |
| CVE-2022-26070 | Error message discloses internal path | Splunk Enterprise | CWE-200 | 4.3 | Medium | 2022-05-06 |

This page lists every published CVE security advisory associated with Splunk. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.