Splunk Cloud
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Splunk Cloud.
By the Year
In 2025 there have been 0 vulnerabilities in Splunk Cloud. Last year, in 2024 Cloud had 7 security vulnerabilities published. Right now, Cloud is on track to have less security vulnerabilities in 2025 than it did last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2025 | 0 | 0.00 |
2024 | 7 | 5.61 |
2023 | 2 | 6.80 |
2022 | 0 | 0.00 |
2021 | 0 | 0.00 |
2020 | 0 | 0.00 |
2019 | 0 | 0.00 |
2018 | 0 | 0.00 |
It may take a day or so for new Cloud vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Splunk Cloud Security Vulnerabilities
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200, a low-privileged user
CVE-2024-36989
4.3 - Medium
- July 01, 2024
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200, a low-privileged user that does not hold the admin or power Splunk roles could create notifications in Splunk Web Bulletin Messages that all users on the instance receive.
In Splunk Enterprise versions below 9.2.2
CVE-2024-36987
6.5 - Medium
- July 01, 2024
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200, an authenticated, low-privileged user who does not hold the admin or power Splunk roles could upload a file with an arbitrary extension using the indexing/preview REST endpoint.
Unrestricted File Upload
In Splunk Enterprise versions below 9.2.2
CVE-2024-36986
5.7 - Medium
- July 01, 2024
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.207, an authenticated user could run risky commands using the permissions of a higher-privileged user to bypass SPL safeguards for risky commands in the Analytics Workspace. The vulnerability requires the authenticated user to phish the victim by tricking them into initiating a request within their browser. The authenticated user should not be able to exploit the vulnerability at will.
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.109 and 9.1.2308.207, an attacker could trigger a null pointer reference on the cluster/config REST endpoint
CVE-2024-36982
7.5 - High
- July 01, 2024
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.109 and 9.1.2308.207, an attacker could trigger a null pointer reference on the cluster/config REST endpoint, which could result in a crash of the Splunk daemon.
NULL Pointer Dereference
In Splunk Enterprise versions below 9.0.8, the Splunk RapidDiag utility discloses server responses
CVE-2024-23677
5.3 - Medium
- January 22, 2024
In Splunk Enterprise versions below 9.0.8, the Splunk RapidDiag utility discloses server responses from external applications in a log file.
Insertion of Sensitive Information into Log File
In Splunk versions below 9.0.8 and 9.1.3, the mrollup SPL command lets a low-privileged user view metrics on an index
CVE-2024-23676
3.5 - Low
- January 22, 2024
In Splunk versions below 9.0.8 and 9.1.3, the mrollup SPL command lets a low-privileged user view metrics on an index that they do not have permission to view. This vulnerability requires user interaction from a high-privileged user to exploit.
In Splunk Enterprise versions below 9.0.8 and 9.1.3, Splunk app key value store (KV Store) improperly handles permissions for users
CVE-2024-23675
6.5 - Medium
- January 22, 2024
In Splunk Enterprise versions below 9.0.8 and 9.1.3, Splunk app key value store (KV Store) improperly handles permissions for users that use the REST application programming interface (API). This can potentially result in the deletion of KV Store collections.
AuthZ
In Splunk Enterprise versions below 9.0.7 and 9.1.2, Splunk Enterprise does not safely sanitize extensible stylesheet language transformations (XSLT)
CVE-2023-46214
8.8 - High
- November 16, 2023
In Splunk Enterprise versions below 9.0.7 and 9.1.2, Splunk Enterprise does not safely sanitize extensible stylesheet language transformations (XSLT) that users supply. This means that an attacker can upload malicious XSLT which can result in remote code execution on the Splunk Enterprise instance.
aka Blind XPath Injection
In Splunk Enterprise versions below 9.0.7 and 9.1.2, ineffective escaping in the Show syntax Highlighted feature
CVE-2023-46213
4.8 - Medium
- November 16, 2023
In Splunk Enterprise versions below 9.0.7 and 9.1.2, ineffective escaping in the Show syntax Highlighted feature can result in the execution of unauthorized code in a users web browser.
XSS
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Splunk or by Splunk? Click the Watch button to subscribe.