Splunk Cloud

CPE Details

Splunk Cloud
splunk
cloud
-
2025-03-13
11h06 +00:00
2025-03-13
11h06 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:splunk:cloud:-:*:*:*:*:*:*:*

Informations

Vendor

splunk

Product

cloud

Version

-

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2024-23676 2024-01-22 20h37 +00:00 In Splunk versions below 9.0.8 and 9.1.3, the “mrollup” SPL command lets a low-privileged user view metrics on an index that they do not have permission to view. This vulnerability requires user interaction from a high-privileged user to exploit.
4.6
Moyen
CVE-2024-23677 2024-01-22 20h37 +00:00 In Splunk Enterprise versions below 9.0.8, the Splunk RapidDiag utility discloses server responses from external applications in a log file.
5.3
Moyen
CVE-2024-23675 2024-01-22 20h37 +00:00 In Splunk Enterprise versions below 9.0.8 and 9.1.3, Splunk app key value store (KV Store) improperly handles permissions for users that use the REST application programming interface (API). This can potentially result in the deletion of KV Store collections.
6.5
Moyen
CVE-2023-46213 2023-11-16 20h15 +00:00 In Splunk Enterprise versions below 9.0.7 and 9.1.2, ineffective escaping in the “Show syntax Highlighted” feature can result in the execution of unauthorized code in a user’s web browser.
4.8
Moyen
CVE-2023-46214 2023-11-16 20h15 +00:00 In Splunk Enterprise versions below 9.0.7 and 9.1.2, Splunk Enterprise does not safely sanitize extensible stylesheet language transformations (XSLT) that users supply. This means that an attacker can upload malicious XSLT which can result in remote code execution on the Splunk Enterprise instance.
8.8
Haute