The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Splunk Enterprise

2 Splunk Enterprise: Cross Site Scripting via Splunk Web
An attacker can trigger a Cross Site Scripting via Splunk Web of Splunk Enterprise, in order to run JavaScript code in the context of the web site...
CVE-2019-5727, SP-CAAAQAF, SPL-138827, VIGILANCE-VUL-28557
3 Splunk Enterprise: denial of service via HTTP Request
An attacker can generate a fatal error via HTTP Request of Splunk Enterprise, in order to trigger a denial of service...
CVE-2018-7429, SP-CAAAP5T, VIGILANCE-VUL-27585
2 Splunk Enterprise: directory traversal via Django App
An attacker can traverse directories via Django App of Splunk Enterprise, in order to read a file outside the service root path...
CVE-2018-7431, SP-CAAAP5T, VIGILANCE-VUL-27584
2 Splunk Enterprise: denial of service via HTTP Request
An attacker can generate a fatal error via HTTP Request of Splunk Enterprise, in order to trigger a denial of service...
CVE-2018-7432, SP-CAAAP2K, SP-CAAAP5T, SPL-135650, VIGILANCE-VUL-27583
2 Splunk Enterprise: Cross Site Scripting via Splunk Web
An attacker can trigger a Cross Site Scripting via Splunk Web of Splunk Enterprise, in order to run JavaScript code in the context of the web site...
CVE-2018-7427, SP-CAAAP2K, SP-CAAAP5T, SPL-135650, VIGILANCE-VUL-27582
2 Splunk: information disclosure via __raw
An authenticated attacker can use a vulnerability via __raw of Splunk, in order to obtain sensitive information...
CVE-2018-11409, SP-CAAAP5E, VIGILANCE-VUL-26369
2 Splunk Enterprise: privilege escalation via SAML
An attacker can bypass restrictions via SAML of Splunk Enterprise, in order to escalate his privileges...
CVE-2017-17067, SP-CAAAP3K, VIGILANCE-VUL-24450
2 Splunk Enterprise: privilege escalation via Non-root User Configuration
An attacker can bypass restrictions via Non-root User Configuration of Splunk Enterprise, in order to escalate his privileges...
KL-001-2017-022, SP-CAAAP3M, SPL-144192, VIGILANCE-VUL-24273
2 Splunk Enterprise: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Splunk Enterprise, in order to run JavaScript code in the context of the web site...
SP-CAAAP3H, SPL-142874, SPL-142877, VIGILANCE-VUL-23545
2 Splunk Enterprise: three Cross Site Scripting via Splunk Web
An attacker can trigger three Cross Site Scripting via Splunk Web of Splunk Enterprise, in order to run JavaScript code in the context of the web site...
SP-CAAAP2K, SPL-135650, VIGILANCE-VUL-22517
Our database contains other pages. You can request a free trial to read them.

Display information about Splunk Enterprise: