GCVE - cpe:2.3:a:splunk:splunk:6.1:*:*:*:enterprise:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:splunk:splunk:6.1:*:*:*:enterprise:*:*:*

part: a version: 6.1 update: *

Vendor	Splunk (`0f7ef08f-e3f5-59a4-ba5f-26afb7835b46`)
Product	Splunk (`22a1d8ad-9b0f-51c8-ad24-657c0c14204c`)
Edition	*
Language	*
Software edition	enterprise
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2014-8303`	vulnerable	2026-06-03 14:34:23.540801	Details available Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enterprise 6.1.x before 6.1.4 and 6.0.x before 6.0.6 allows remote attackers to inject arbitrary web script or HTML via vectors related to event parsing. Published: 2014-10-16T19:00:00.000Z Updated: 2024-09-16T19:51:38.121Z Open on db.gcve.eu Reference links http://www.securitytracker.com/id/1030994 http://www.splunk.com/view/SP-CAAANHS	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2014-8302`	vulnerable	2026-06-03 14:34:23.538674	Details available Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enterprise 6.1.x before 6.1.4, 6.0.x before 6.0.6, and 5.0.x before 5.0.10 allows remote attackers to inject arbitrary web script or HTML via vectors related to dashboard. Published: 2014-10-16T19:00:00.000Z Updated: 2024-09-16T16:43:09.591Z Open on db.gcve.eu Reference links http://www.securitytracker.com/id/1030994 http://www.splunk.com/view/SP-CAAANHS	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2014-5198`	vulnerable	2026-06-03 14:34:05.634250	Details available Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enterprise 6.1.x before 6.1.3 allows remote attackers to inject arbitrary web script or HTML via the Referer HTTP header. Published: 2014-08-12T20:00:00.000Z Updated: 2024-09-16T18:12:54.478Z Open on db.gcve.eu Reference links http://secunia.com/advisories/59940 http://www.splunk.com/view/SP-CAAAM9H http://www.securitytracker.com/id/1030690	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2014-5197`	vulnerable	2026-06-03 14:34:05.631997	Details available Directory traversal vulnerability in (1) Splunk Web or the (2) Splunkd HTTP Server in Splunk Enterprise 6.1.x before 6.1.3 allows remote authenticated users to read arbitrary files via a .. (dot dot) in a URI, related to search ids. Published: 2014-08-12T20:00:00.000Z Updated: 2024-09-17T01:36:58.756Z Open on db.gcve.eu Reference links http://secunia.com/advisories/59940 http://www.splunk.com/view/SP-CAAAM9H http://www.securitytracker.com/id/1030690	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.