Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

splunk splunk 6.0 vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2014-8303
Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enterprise 6.1.x prior to 6.1.4 and 6.0.x prior to 6.0.6 allows remote malicious users to inject arbitrary web script or HTML via vectors related to event parsing.
Splunk Splunk 6.0.3Splunk Splunk 6.0.5Splunk Splunk 6.1.1Splunk Splunk 6.1.2Splunk Splunk 6.1.3Splunk Splunk 6.0Splunk Splunk 6.0.1Splunk Splunk 6.0.2Splunk Splunk 6.0.4Splunk Splunk 6.1
NA
CVE-2014-8302
Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enterprise 6.1.x prior to 6.1.4, 6.0.x prior to 6.0.6, and 5.0.x prior to 5.0.10 allows remote malicious users to inject arbitrary web script or HTML via vectors related to dashboard.
Splunk Splunk 5.0Splunk Splunk 5.0.2Splunk Splunk 5.0.9Splunk Splunk 6.0.0Splunk Splunk 6.0.5Splunk Splunk 6.1.1Splunk Splunk 6.1.3Splunk Splunk 6.0.1Splunk Splunk 6.0.2Splunk Splunk 6.0.3Splunk Splunk 6.0.4Splunk Splunk 5.0.4Splunk Splunk 5.0.5Splunk Splunk 5.0.6Splunk Splunk 5.0.7Splunk Splunk 5.0.1Splunk Splunk 5.0.3Splunk Splunk 5.0.8Splunk Splunk 6.0Splunk Splunk 6.1Splunk Splunk 6.1.2
NA
CVE-2014-5466
Cross-site scripting (XSS) vulnerability in the Dashboard in Splunk Web in Splunk Enterprise 6.1.x prior to 6.1.4, 6.0.x prior to 6.0.7, and 5.0.x prior to 5.0.10 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Splunk Splunk 5.0.4Splunk Splunk 5.0.2Splunk Splunk 6.0.2Splunk Splunk 6.0.4Splunk Splunk 6.1.4Splunk Splunk 5.0.9Splunk Splunk 5.0.8Splunk Splunk 5.0.7Splunk Splunk 5.0.6Splunk Splunk 6.0.6Splunk Splunk 6.1Splunk Splunk 6.1.1Splunk Splunk 6.1.2Splunk Splunk 5.0.1Splunk Splunk 5.0Splunk Splunk 6.0Splunk Splunk 6.0.1Splunk Splunk 5.0.5Splunk Splunk 5.0.3Splunk Splunk 6.0.3Splunk Splunk 6.0.5Splunk Splunk 6.1.3
9.8
CVSSv3
CVE-2016-10126
Splunk Web in Splunk Enterprise 5.0.x prior to 5.0.17, 6.0.x prior to 6.0.13, 6.1.x prior to 6.1.12, 6.2.x prior to 6.2.12, 6.3.x prior to 6.3.8, and 6.4.x prior to 6.4.4 allows remote malicious users to conduct HTTP request injection attacks and obtain sensitive REST API authent...
Splunk Splunk 5.0.1Splunk Splunk 5.0.10Splunk Splunk 5.0.6Splunk Splunk 5.0.7Splunk Splunk 5.0.13Splunk Splunk 5.0.14Splunk Splunk 5.0.2Splunk Splunk 5.0.3Splunk Splunk 5.0.11Splunk Splunk 5.0.12Splunk Splunk 5.0.8Splunk Splunk 5.0.9Splunk Splunk 5.0.15Splunk Splunk 5.0.16Splunk Splunk 5.0.0Splunk Splunk 5.0.4Splunk Splunk 5.0.5Splunk Splunk 6.0.9Splunk Splunk 6.0.10Splunk Splunk 6.0.4Splunk Splunk 6.0.5Splunk Splunk 6.0.0
6.5
CVSSv3
CVE-2017-5880
Splunk Web in Splunk Enterprise versions 6.5.x prior to 6.5.2, 6.4.x prior to 6.4.5, 6.3.x prior to 6.3.9, 6.2.x prior to 6.2.13, 6.1.x prior to 6.1.12, 6.0.x prior to 6.0.13, 5.0.x prior to 5.0.17 and Splunk Light versions prior to 6.5.2 allows remote authenticated users to caus...
Splunk Splunk 5.0.5Splunk Splunk 5.0.3Splunk Splunk 5.0.13Splunk Splunk 5.0.11Splunk Splunk 5.0.1Splunk Splunk 6.0.1Splunk Splunk 6.0.3Splunk Splunk 6.0.10Splunk Splunk 6.0.12Splunk Splunk 6.1.10Splunk Splunk 6.1.4Splunk Splunk 6.1.6Splunk Splunk 6.2.4Splunk Splunk 6.2.6Splunk Splunk 6.2.1Splunk Splunk 6.2.2Splunk Splunk 6.3.6Splunk Splunk 6.3.8Splunk Splunk 6.4.4Splunk Splunk 6.5.1Splunk Splunk 5.0.2Splunk Splunk 5.0.16
NA
CVE-2015-6515
Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enterprise 6.2.x prior to 6.2.4, 6.1.x prior to 6.1.8, 6.0.x prior to 6.0.9, and 5.0.x prior to 5.0.13 and Splunk Light 6.2.x prior to 6.2.4 allows remote malicious users to inject arbitrary web script or HTML via a...
Splunk Splunk 5.0.12Splunk Splunk 6.0.0Splunk Splunk 6.0.1Splunk Splunk 6.0.2Splunk Splunk 6.1.7Splunk Splunk 6.2.0Splunk Splunk 6.2.3Splunk Splunk 6.2.2Splunk Splunk 5.0.4Splunk Splunk 5.0.5Splunk Splunk 5.0.6Splunk Splunk 5.0.7Splunk Splunk 6.0.8Splunk Splunk 6.1.0Splunk Splunk 6.1.1Splunk Splunk 6.1.2Splunk Splunk 5.0.1Splunk Splunk 5.0.3Splunk Splunk 5.0.8Splunk Splunk 5.0.10Splunk Splunk 6.0.4Splunk Splunk 6.0.6
4.8
CVSSv3
CVE-2016-4858
Cross-site scripting vulnerability in Splunk Enterprise 6.4.x before 6.4.2, Splunk Enterprise 6.3.x before 6.3.6, Splunk Enterprise 6.2.x before 6.2.10, Splunk Enterprise 6.1.x before 6.1.11, Splunk Enterprise 6.0.x before 6.0.12, Splunk Enterprise 5.0.x before 5.0.16 and Splunk ...
Splunk Splunk 5.0.15Splunk Splunk 5.0.1Splunk Splunk 5.0.0Splunk SplunkSplunk Splunk 6.0.11Splunk Splunk 6.1.10Splunk Splunk 6.1.9Splunk Splunk 6.1.8Splunk Splunk 6.1.7Splunk Splunk 6.2.3Splunk Splunk 6.2.2Splunk Splunk 6.2.1Splunk Splunk 6.2.0Splunk Splunk 5.0.14Splunk Splunk 5.0.12Splunk Splunk 5.0.5Splunk Splunk 5.0.3Splunk Splunk 6.0.9Splunk Splunk 6.0.7Splunk Splunk 6.0.2Splunk Splunk 6.0.0Splunk Splunk 6.1.2
6.1
CVSSv3
CVE-2016-4859
Open redirect vulnerability in Splunk Enterprise 6.4.x before 6.4.3, Splunk Enterprise 6.3.x before 6.3.6, Splunk Enterprise 6.2.x before 6.2.10, Splunk Enterprise 6.1.x before 6.1.11, Splunk Enterprise 6.0.x before 6.0.12, Splunk Enterprise 5.0.x before 5.0.16 and Splunk Light b...
Splunk Splunk 5.0.11Splunk Splunk 5.0.10Splunk Splunk 5.0.9Splunk Splunk 5.0.8Splunk Splunk 6.0.7Splunk Splunk 6.0.6Splunk Splunk 6.0.5Splunk Splunk 6.0.4Splunk Splunk 6.1.4Splunk Splunk 6.1.3Splunk Splunk 6.1.0Splunk Splunk 6.2.4Splunk Splunk 5.0.15Splunk Splunk 5.0.13Splunk Splunk 5.0.6Splunk Splunk 5.0.4Splunk SplunkSplunk Splunk 6.0.10Splunk Splunk 6.0.8Splunk Splunk 6.0.3Splunk Splunk 6.0.1Splunk Splunk 6.1.7
5.4
CVSSv3
CVE-2019-5727
Splunk Web in Splunk Enterprise 6.5.x prior to 6.5.5, 6.4.x prior to 6.4.9, 6.3.x prior to 6.3.12, 6.2.x prior to 6.2.14, 6.1.x prior to 6.1.14, and 6.0.x prior to 6.0.15 and Splunk Light prior to 6.6.0 has Persistent XSS, aka SPL-138827.
Splunk Splunk
6.5
CVSSv3
CVE-2018-7431
Directory traversal vulnerability in the Splunk Django App in Splunk Enterprise 6.0.x prior to 6.0.14, 6.1.x prior to 6.1.13, 6.2.x prior to 6.2.14, 6.3.x prior to 6.3.10, 6.4.x prior to 6.4.6, and 6.5.x prior to 6.5.3; and Splunk Light prior to 6.6.0 allows remote authenticated ...
Splunk Splunk
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
injectionCVE-2024-30983CVE-2023-4235CVE-2024-21338privilegeencryptionCVE-2023-4232CVE-2024-31497CVE-2024-32341
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook