Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
splunk splunk 4.0.1 vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2023-32715
In the Splunk App for Lookup File Editing versions below 4.0.1, a user can insert potentially malicious JavaScript code into the app, which causes that code to run on the user’s machine. The app itself does not contain the potentially malicious JavaScript code. The vulnerab...
Splunk Splunk App For Lookup File Editing
8.1
CVSSv3
CVE-2023-32714
In the Splunk App for Lookup File Editing versions below 4.0.1, a low-privileged user can, with a specially crafted web request, trigger a path traversal exploit that can then be used to read and write to restricted areas of the Splunk installation directory.
Splunk Splunk
Splunk Splunk App For Lookup File Editing
NA
CVE-2013-6870
Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk prior to 5.0.6 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Splunk Splunk 3.3.1
Splunk Splunk 4.0.4
Splunk Splunk 2.1
Splunk Splunk 3.3.4
Splunk Splunk 3.0
Splunk Splunk 4.0.6
Splunk Splunk 4.1.2
Splunk Splunk 3.2
Splunk Splunk 5.0.4
Splunk Splunk 4.1.1
Splunk Splunk 4.2.3
Splunk Splunk 4.0
Splunk Splunk 3.4.13
Splunk Splunk 3.0.1
Splunk Splunk 3.3.2
Splunk Splunk 4.2.2
Splunk Splunk 4.3.1
Splunk Splunk 3.4.9
Splunk Splunk 4.0.3
Splunk Splunk 4.1.8
Splunk Splunk 5.0.1
Splunk Splunk 3.4.10
NA
CVE-2012-1908
Cross-site scripting (XSS) vulnerability in Splunk 4.0 up to and including 4.3 allows remote malicious users to inject arbitrary web script or HTML via unknown vectors.
Splunk Splunk 4.0.4
Splunk Splunk 4.0.6
Splunk Splunk 4.1.2
Splunk Splunk 4.1.1
Splunk Splunk 4.2.3
Splunk Splunk 4.0
Splunk Splunk 4.2.2
Splunk Splunk 4.0.3
Splunk Splunk 4.1.8
Splunk Splunk 4.1.3
Splunk Splunk 4.2
Splunk Splunk 4.0.8
Splunk Splunk 4.0.5
Splunk Splunk 4.1.5
Splunk Splunk 4.0.9
Splunk Splunk 4.0.11
Splunk Splunk 4.2.4
Splunk Splunk 4.2.5
Splunk Splunk 4.0.10
Splunk Splunk 4.1.7
Splunk Splunk 4.1.4
Splunk Splunk 4.1
NA
CVE-2011-4643
Multiple directory traversal vulnerabilities in Splunk 4.x prior to 4.2.5 allow remote authenticated users to read arbitrary files via a .. (dot dot) in a URI to (1) Splunk Web or (2) the Splunkd HTTP Server, aka SPL-45243.
Splunk Splunk 4.0.4
Splunk Splunk 4.0.6
Splunk Splunk 4.1.2
Splunk Splunk 4.1.1
Splunk Splunk 4.2.3
Splunk Splunk 4.0
Splunk Splunk 4.2.2
Splunk Splunk 4.0.3
Splunk Splunk 4.1.8
Splunk Splunk 4.1.3
Splunk Splunk 4.2
Splunk Splunk 4.0.8
Splunk Splunk 4.0.5
Splunk Splunk 4.1.5
Splunk Splunk 4.0.9
Splunk Splunk 4.0.11
Splunk Splunk 4.2.4
Splunk Splunk 4.0.10
Splunk Splunk 4.1.7
Splunk Splunk 4.1.4
Splunk Splunk 4.1
Splunk Splunk 4.0.1
1 EDB exploit
NA
CVE-2011-4644
Splunk 4.2.5 and previous versions, when a Free license is selected, enables potentially undesirable functionality within an environment that intentionally does not support authentication, which allows remote malicious users to (1) read arbitrary files via a management-console se...
Splunk Splunk 3.3.1
Splunk Splunk 4.0.4
Splunk Splunk 2.1
Splunk Splunk 3.3.4
Splunk Splunk 3.0
Splunk Splunk 4.0.6
Splunk Splunk 4.1.2
Splunk Splunk 3.2
Splunk Splunk 4.1.1
Splunk Splunk 4.2.3
Splunk Splunk 4.0
Splunk Splunk 3.4.13
Splunk Splunk 3.0.1
Splunk Splunk 3.3.2
Splunk Splunk 4.2.2
Splunk Splunk 3.4.9
Splunk Splunk 4.0.3
Splunk Splunk 4.1.8
Splunk Splunk 3.4.10
Splunk Splunk 4.1.3
Splunk Splunk 3.4.8
Splunk Splunk 3.2.3
1 EDB exploit
NA
CVE-2010-3323
Splunk 4.0.0 up to and including 4.1.4 allows remote malicious users to conduct session hijacking attacks and obtain the splunkd session key via vectors related to the SPLUNKD_SESSION_KEY parameter.
Splunk Splunk 4.0.4
Splunk Splunk 4.0.6
Splunk Splunk 4.1.2
Splunk Splunk 4.1.1
Splunk Splunk 4.0
Splunk Splunk 4.0.3
Splunk Splunk 4.1.3
Splunk Splunk 4.0.8
Splunk Splunk 4.0.5
Splunk Splunk 4.0.9
Splunk Splunk 4.0.11
Splunk Splunk 4.0.10
Splunk Splunk 4.1.4
Splunk Splunk 4.1
Splunk Splunk 4.0.1
Splunk Splunk 4.0.7
Splunk Splunk 4.0.2
NA
CVE-2010-2502
Multiple directory traversal vulnerabilities in Splunk 4.0 up to and including 4.0.10 and 4.1 up to and including 4.1.1 allow (1) remote malicious users to read arbitrary files, aka SPL-31194; (2) remote authenticated users to modify arbitrary files, aka SPL-31063; or (3) have an...
Splunk Splunk 4.0.4
Splunk Splunk 4.0.6
Splunk Splunk 4.0
Splunk Splunk 4.0.3
Splunk Splunk 4.0.8
Splunk Splunk 4.0.5
Splunk Splunk 4.0.9
Splunk Splunk 4.0.10
Splunk Splunk 4.0.1
Splunk Splunk 4.0.7
Splunk Splunk 4.0.2
Splunk Splunk 4.1.1
Splunk Splunk 4.1
NA
CVE-2010-2503
Multiple cross-site scripting (XSS) vulnerabilities in Splunk 4.0 up to and including 4.0.10 and 4.1 up to and including 4.1.1 allow remote malicious users to inject arbitrary web script or HTML via (1) redirects, aka SPL-31067; (2) unspecified "user->user or user->adm...
Splunk Splunk 4.0.4
Splunk Splunk 4.0.6
Splunk Splunk 4.0
Splunk Splunk 4.0.3
Splunk Splunk 4.0.8
Splunk Splunk 4.0.5
Splunk Splunk 4.0.9
Splunk Splunk 4.0.10
Splunk Splunk 4.0.1
Splunk Splunk 4.0.7
Splunk Splunk 4.0.2
Splunk Splunk 4.1.1
Splunk Splunk 4.1
NA
CVE-2010-2504
Splunk 4.0 up to and including 4.0.10 and 4.1 up to and including 4.1.1 allows remote authenticated users to obtain sensitive information via HTTP header injection, aka SPL-31066.
Splunk Splunk 4.0.4
Splunk Splunk 4.0.6
Splunk Splunk 4.0
Splunk Splunk 4.0.3
Splunk Splunk 4.0.8
Splunk Splunk 4.0.5
Splunk Splunk 4.0.9
Splunk Splunk 4.0.10
Splunk Splunk 4.0.1
Splunk Splunk 4.0.7
Splunk Splunk 4.0.2
Splunk Splunk 4.1.1
Splunk Splunk 4.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »