Splunk Cloud

CPE Details

Splunk Cloud
splunk
cloud
-
2025-03-13
11h06 +00:00
2025-03-13
11h06 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:splunk:cloud:-:*:*:*:*:*:*:*

Informations

Vendor

splunk

Product

cloud

Version

-

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2024-23676 2024-01-22 20h37 +00:00 In Splunk versions below 9.0.8 and 9.1.3, the “mrollup” SPL command lets a low-privileged user view metrics on an index that they do not have permission to view. This vulnerability requires user interaction from a high-privileged user to exploit.
4.6
Medium
CVE-2024-23677 2024-01-22 20h37 +00:00 In Splunk Enterprise versions below 9.0.8, the Splunk RapidDiag utility discloses server responses from external applications in a log file.
5.3
Medium
CVE-2024-23675 2024-01-22 20h37 +00:00 In Splunk Enterprise versions below 9.0.8 and 9.1.3, Splunk app key value store (KV Store) improperly handles permissions for users that use the REST application programming interface (API). This can potentially result in the deletion of KV Store collections.
6.5
Medium
CVE-2023-46213 2023-11-16 20h15 +00:00 In Splunk Enterprise versions below 9.0.7 and 9.1.2, ineffective escaping in the “Show syntax Highlighted” feature can result in the execution of unauthorized code in a user’s web browser.
4.8
Medium
CVE-2023-46214 2023-11-16 20h15 +00:00 In Splunk Enterprise versions below 9.0.7 and 9.1.2, Splunk Enterprise does not safely sanitize extensible stylesheet language transformations (XSLT) that users supply. This means that an attacker can upload malicious XSLT which can result in remote code execution on the Splunk Enterprise instance.
8.8
High