Splunk Cloud


By the Year

In 2024 there have been 3 vulnerabilities in Splunk Cloud with an average CVSS base score of 5.1 out of 10. In 2023, Splunk Cloud had 2 published security vulnerabilities, so one more vulnerability has already been reported in 2024 than in all of last year. Last year's average CVE base score was higher by 1.70.

Year Vulnerabilities Average Score
2024 3 5.10
2023 2 6.80
2022 0 0.00
2021 0 0.00
2020 0 0.00
2019 0 0.00
2018 0 0.00

It may take a day or so for new Splunk Cloud vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name; note that the affected-version ranges in the entries below are stated in terms of Splunk Enterprise releases.

Recent Splunk Cloud Security Vulnerabilities

In Splunk Enterprise versions below 9.0.8, the Splunk RapidDiag utility discloses server responses

CVE-2024-23677 5.3 - Medium - January 22, 2024

In Splunk Enterprise versions below 9.0.8, the Splunk RapidDiag utility discloses server responses from external applications in a log file.

Insertion of Sensitive Information into Log File

In Splunk versions below 9.0.8 and 9.1.3, the mrollup SPL command lets a low-privileged user view metrics on an index

CVE-2024-23676 3.5 - Low - January 22, 2024

In Splunk versions below 9.0.8 and 9.1.3, the mrollup SPL command lets a low-privileged user view metrics on an index that they do not have permission to view. This vulnerability requires user interaction from a high-privileged user to exploit.

In Splunk Enterprise versions below 9.0.8 and 9.1.3, Splunk app key value store (KV Store) improperly handles permissions for users

CVE-2024-23675 6.5 - Medium - January 22, 2024

In Splunk Enterprise versions below 9.0.8 and 9.1.3, Splunk app key value store (KV Store) improperly handles permissions for users that use the REST application programming interface (API). This can potentially result in the deletion of KV Store collections.

AuthZ

In Splunk Enterprise versions below 9.0.7 and 9.1.2, Splunk Enterprise does not safely sanitize extensible stylesheet language transformations (XSLT)

CVE-2023-46214 8.8 - High - November 16, 2023

In Splunk Enterprise versions below 9.0.7 and 9.1.2, Splunk Enterprise does not safely sanitize extensible stylesheet language transformations (XSLT) that users supply. This means that an attacker can upload malicious XSLT which can result in remote code execution on the Splunk Enterprise instance.

aka Blind XPath Injection

In Splunk Enterprise versions below 9.0.7 and 9.1.2, ineffective escaping in the Show syntax Highlighted feature

CVE-2023-46213 4.8 - Medium - November 16, 2023

In Splunk Enterprise versions below 9.0.7 and 9.1.2, ineffective escaping in the Show syntax Highlighted feature can result in the execution of unauthorized code in a user's web browser.

XSS
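Every entry above phrases its fix as "versions below X and Y", which is a per-branch statement: "below 9.0.8 and 9.1.3" means 9.0.x earlier than 9.0.8 or 9.1.x earlier than 9.1.3, so 9.1.0 is still affected even though it sorts numerically above 9.0.8. The following checker is an added example (not Splunk's tooling and not code from this page) that encodes the five entries with branch-aware fixed versions and reports, for a given Splunk Enterprise version string, which of them still apply. It assumes versions are dotted integers with at least three components; for a release branch an entry does not name (the CVE-2024-23677 entry names only 9.0.x, and none of the entries mentions 8.x or 9.2.x) it returns None rather than guessing, and the vendor advisory should be consulted for those.

```python
"""Branch-aware "am I affected?" check for the Splunk CVEs listed on this page.

Added example, not Splunk's own tooling. The fixed versions are transcribed
from the entries above; everything else (version parsing rules, the None
result for unnamed branches) is this example's own assumption.
"""
from typing import Dict, List, Optional, Tuple

Version = Tuple[int, ...]

# Fixed version per release branch (keyed by the major.minor branch), as
# stated by each entry on this page. A branch missing from a CVE's mapping
# means the entry did not name it; the checker answers None for it.
FIXED_IN: Dict[str, Dict[Tuple[int, int], Version]] = {
    "CVE-2024-23677": {(9, 0): (9, 0, 8)},                       # 9.0 branch only
    "CVE-2024-23676": {(9, 0): (9, 0, 8), (9, 1): (9, 1, 3)},
    "CVE-2024-23675": {(9, 0): (9, 0, 8), (9, 1): (9, 1, 3)},
    "CVE-2023-46214": {(9, 0): (9, 0, 7), (9, 1): (9, 1, 2)},
    "CVE-2023-46213": {(9, 0): (9, 0, 7), (9, 1): (9, 1, 2)},
}


def parse_version(text: str) -> Version:
    """Parse '9.0.7' or '9.0.7.1' into a tuple of ints.

    Requires at least major.minor.patch so that a bare '9.0' cannot be
    mistaken for an early 9.0.x release; rejects anything non-numeric.
    """
    parts = text.strip().split(".")
    if len(parts) < 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a usable Splunk version string: {text!r}")
    return tuple(int(p) for p in parts)


def is_affected(version: str, cve: str) -> Optional[bool]:
    """True if `version` is below the fix on its own branch, False if at or
    above it, None if the entry for `cve` does not name that branch.

    Tuple comparison handles maintenance releases correctly: (9, 0, 8, 1)
    compares greater than (9, 0, 8), so 9.0.8.1 is reported as fixed.
    """
    v = parse_version(version)
    branches = FIXED_IN[cve]
    branch = (v[0], v[1])
    if branch not in branches:
        return None  # assumption: do not guess for branches the entry omits
    return v < branches[branch]


def open_cves(version: str) -> List[str]:
    """CVEs from this page that definitely still apply to `version`, sorted."""
    return sorted(cve for cve in FIXED_IN if is_affected(version, cve) is True)


def unknown_cves(version: str) -> List[str]:
    """CVEs whose entry says nothing about `version`'s branch, sorted."""
    return sorted(cve for cve in FIXED_IN if is_affected(version, cve) is None)


if __name__ == "__main__":
    # Constructed sample inputs: one affected release per branch, one fixed
    # maintenance release, and one branch none of the entries mention.
    for sample in ("9.0.6", "9.1.1", "9.0.8.1", "9.2.0"):
        print(f"{sample:8} affected: {open_cves(sample) or '-'}"
              f"  not covered: {unknown_cves(sample) or '-'}")
```

The point to take from the output is the 9.1.x row: a checker that compared "9.1.1 < 9.0.8" as a single version ordering would report it clean, while the entries above say it is still exposed to four of the five issues.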
