Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
splunk splunk 4.2.2 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-4642
mappy.py in Splunk Web in Splunk 4.2.x prior to 4.2.5 does not properly restrict use of the mappy command to access Python classes, which allows remote authenticated administrators to execute arbitrary code by leveraging the sys module in a request to the search application, as d...
Splunk Splunk 4.2.3
Splunk Splunk 4.2.2
Splunk Splunk 4.2
Splunk Splunk 4.2.4
Splunk Splunk 4.2.1
1 EDB exploit
3 Github repositories
NA
CVE-2011-4778
Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk 4.2.x prior to 4.2.5 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors, aka SPL-44614.
Splunk Splunk 4.2.3
Splunk Splunk 4.2.2
Splunk Splunk 4.2
Splunk Splunk 4.2.4
Splunk Splunk 4.2.1
NA
CVE-2011-4643
Multiple directory traversal vulnerabilities in Splunk 4.x prior to 4.2.5 allow remote authenticated users to read arbitrary files via a .. (dot dot) in a URI to (1) Splunk Web or (2) the Splunkd HTTP Server, aka SPL-45243.
Splunk Splunk 4.0.4
Splunk Splunk 4.0.6
Splunk Splunk 4.1.2
Splunk Splunk 4.1.1
Splunk Splunk 4.2.3
Splunk Splunk 4.0
Splunk Splunk 4.2.2
Splunk Splunk 4.0.3
Splunk Splunk 4.1.8
Splunk Splunk 4.1.3
Splunk Splunk 4.2
Splunk Splunk 4.0.8
Splunk Splunk 4.0.5
Splunk Splunk 4.1.5
Splunk Splunk 4.0.9
Splunk Splunk 4.0.11
Splunk Splunk 4.2.4
Splunk Splunk 4.0.10
Splunk Splunk 4.1.7
Splunk Splunk 4.1.4
Splunk Splunk 4.1
Splunk Splunk 4.0.1
1 EDB exploit
NA
CVE-2012-1908
Cross-site scripting (XSS) vulnerability in Splunk 4.0 up to and including 4.3 allows remote malicious users to inject arbitrary web script or HTML via unknown vectors.
Splunk Splunk 4.0.4
Splunk Splunk 4.0.6
Splunk Splunk 4.1.2
Splunk Splunk 4.1.1
Splunk Splunk 4.2.3
Splunk Splunk 4.0
Splunk Splunk 4.2.2
Splunk Splunk 4.0.3
Splunk Splunk 4.1.8
Splunk Splunk 4.1.3
Splunk Splunk 4.2
Splunk Splunk 4.0.8
Splunk Splunk 4.0.5
Splunk Splunk 4.1.5
Splunk Splunk 4.0.9
Splunk Splunk 4.0.11
Splunk Splunk 4.2.4
Splunk Splunk 4.2.5
Splunk Splunk 4.0.10
Splunk Splunk 4.1.7
Splunk Splunk 4.1.4
Splunk Splunk 4.1
NA
CVE-2011-4644
Splunk 4.2.5 and previous versions, when a Free license is selected, enables potentially undesirable functionality within an environment that intentionally does not support authentication, which allows remote malicious users to (1) read arbitrary files via a management-console se...
Splunk Splunk 3.3.1
Splunk Splunk 4.0.4
Splunk Splunk 2.1
Splunk Splunk 3.3.4
Splunk Splunk 3.0
Splunk Splunk 4.0.6
Splunk Splunk 4.1.2
Splunk Splunk 3.2
Splunk Splunk 4.1.1
Splunk Splunk 4.2.3
Splunk Splunk 4.0
Splunk Splunk 3.4.13
Splunk Splunk 3.0.1
Splunk Splunk 3.3.2
Splunk Splunk 4.2.2
Splunk Splunk 3.4.9
Splunk Splunk 4.0.3
Splunk Splunk 4.1.8
Splunk Splunk 3.4.10
Splunk Splunk 4.1.3
Splunk Splunk 3.4.8
Splunk Splunk 3.2.3
1 EDB exploit
NA
CVE-2013-6870
Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk prior to 5.0.6 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Splunk Splunk 3.3.1
Splunk Splunk 4.0.4
Splunk Splunk 2.1
Splunk Splunk 3.3.4
Splunk Splunk 3.0
Splunk Splunk 4.0.6
Splunk Splunk 4.1.2
Splunk Splunk 3.2
Splunk Splunk 5.0.4
Splunk Splunk 4.1.1
Splunk Splunk 4.2.3
Splunk Splunk 4.0
Splunk Splunk 3.4.13
Splunk Splunk 3.0.1
Splunk Splunk 3.3.2
Splunk Splunk 4.2.2
Splunk Splunk 4.3.1
Splunk Splunk 3.4.9
Splunk Splunk 4.0.3
Splunk Splunk 4.1.8
Splunk Splunk 5.0.1
Splunk Splunk 3.4.10
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started