GCVE - cpe:2.3:a:splunk:splunk_cloud:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:splunk:splunk_cloud:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Splunk (`0f7ef08f-e3f5-59a4-ba5f-26afb7835b46`)
Product	Splunk Cloud (`d1beafb1-b9ae-51e5-a243-7a51f82090cc`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2024-23677`	vulnerable	2026-06-03 14:55:04.353819	Server Response Disclosure in RapidDiag Salesforce.com Log File MEDIUM (4.3) In Splunk Enterprise versions below 9.0.8, the Splunk RapidDiag utility discloses server responses from external applications in a log file. Published: 2024-01-22T20:37:41.993Z Updated: 2025-02-28T11:03:55.344Z Open on db.gcve.eu Reference links https://advisory.splunk.com/advisories/SVD-2024-0107	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-23676`	vulnerable	2026-06-03 14:55:04.353258	Sensitive Information Disclosure of Index Metrics through “mrollup” SPL Command MEDIUM (4.6) In Splunk versions below 9.0.8 and 9.1.3, the “mrollup” SPL command lets a low-privileged user view metrics on an index that they do not have permission to view. This vulnerability requires user interaction from a high-privileged user to exploit. Published: 2024-01-22T20:37:42.546Z Updated: 2025-06-17T14:24:05.909Z Open on db.gcve.eu Reference links https://advisory.splunk.com/advisories/SVD-2024-0106 https://research.splunk.com/application/ee69374a-d27e-4136-adac-956a96ff60fd/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-23675`	vulnerable	2026-06-03 14:55:04.351382	Splunk App Key Value Store (KV Store) Improper Handling of Permissions Leads to KV Store Collection Deletion MEDIUM (6.5) In Splunk Enterprise versions below 9.0.8 and 9.1.3, Splunk app key value store (KV Store) improperly handles permissions for users that use the REST application programming interface (API). This can potentially result in the deletion of KV Store collections. Published: 2024-01-22T20:37:23.117Z Updated: 2025-02-28T11:03:59.164Z Open on db.gcve.eu Reference links https://advisory.splunk.com/advisories/SVD-2024-0105 https://research.splunk.com/application/8f0e8380-a835-4f2b-b749-9ce119364df0/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-46214`	vulnerable	2026-06-03 14:53:09.380856	Remote code execution (RCE) in Splunk Enterprise through Insecure XML Parsing HIGH (8) In Splunk Enterprise versions below 9.0.7 and 9.1.2, Splunk Enterprise does not safely sanitize extensible stylesheet language transformations (XSLT) that users supply. This means that an attacker can upload malicious XSLT which can result in remote code execution on the Splunk Enterprise instance. Published: 2023-11-16T20:15:25.838Z Updated: 2025-12-16T18:23:23.962Z Open on db.gcve.eu Reference links https://advisory.splunk.com/advisories/SVD-2023-1104 https://research.splunk.com/application/a053e6a6-2146-483a-9798-2d43652f3299/ https://research.splunk.com/application/6cb7e011-55fb-48e3-a98d-164fa854e37e/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-46213`	vulnerable	2026-06-03 14:53:09.377642	Cross-site Scripting (XSS) on “Show Syntax Highlighted” View in Search Page MEDIUM (4.8) In Splunk Enterprise versions below 9.0.7 and 9.1.2, ineffective escaping in the “Show syntax Highlighted” feature can result in the execution of unauthorized code in a user’s web browser. Published: 2023-11-16T20:15:46.739Z Updated: 2025-02-28T11:03:42.823Z Open on db.gcve.eu Reference links https://advisory.splunk.com/advisories/SVD-2023-1103 https://research.splunk.com/application/1030bc63-0b37-4ac9-9ae0-9361c955a3cc/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-40598`	vulnerable	2026-06-03 14:52:50.161827	Command Injection in Splunk Enterprise Using External Lookups HIGH (8.5) In Splunk Enterprise versions below 8.2.12, 9.0.6, and 9.1.1, an attacker can create an external lookup that calls a legacy internal function. The attacker can use this internal function to insert code into the Splunk platform installation directory. From there, a user can execute arbitrary code on the Splunk platform Instance. Published: 2023-08-30T16:19:28.135Z Updated: 2025-02-28T11:03:41.623Z Open on db.gcve.eu Reference links https://advisory.splunk.com/advisories/SVD-2023-0807 https://research.splunk.com/application/ee69374a-d27e-4136-adac-956a96ff60fd/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-40597`	vulnerable	2026-06-03 14:52:50.161263	Absolute Path Traversal in Splunk Enterprise Using runshellscript.py HIGH (7.8) In Splunk Enterprise versions lower than 8.2.12, 9.0.6, and 9.1.1, an attacker can exploit an absolute path traversal to execute arbitrary code that is located on a separate disk. Published: 2023-08-30T16:19:44.220Z Updated: 2025-07-01T13:45:24.210Z Open on db.gcve.eu Reference links https://advisory.splunk.com/advisories/SVD-2023-0806 https://research.splunk.com/application/356bd3fe-f59b-4f64-baa1-51495411b7ad/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-40595`	vulnerable	2026-06-03 14:52:50.160405	Remote Code Execution via Serialized Session Payload HIGH (8.8) In Splunk Enterprise versions lower than 8.2.12, 9.0.6, and 9.1.1, an attacker can execute a specially crafted query that they can then use to serialize untrusted data. The attacker can use the query to execute arbitrary code. Published: 2023-08-30T16:19:29.761Z Updated: 2025-02-28T11:03:49.175Z Open on db.gcve.eu Reference links https://advisory.splunk.com/advisories/SVD-2023-0804 https://research.splunk.com/application/d1d8fda6-874a-400f-82cf-dcbb59d8e4db/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-40594`	vulnerable	2026-06-03 14:52:50.160027	Denial of Service (DoS) via the ‘printf’ Search Function MEDIUM (6.5) In Splunk Enterprise versions lower than 8.2.12, 9.0.6, and 9.1.1, an attacker can use the `printf` SPL function to perform a denial of service (DoS) against the Splunk Enterprise instance. Published: 2023-08-30T16:19:40.677Z Updated: 2025-02-28T11:03:47.517Z Open on db.gcve.eu Reference links https://advisory.splunk.com/advisories/SVD-2023-0803 https://research.splunk.com/application/78b48d08-075c-4eac-bd07-e364c3780867/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-40593`	vulnerable	2026-06-03 14:52:50.159528	Denial of Service (DoS) in Splunk Enterprise Using a Malformed SAML Request MEDIUM (6.3) In Splunk Enterprise versions lower than 9.0.6 and 8.2.12, a malicious actor can send a malformed security assertion markup language (SAML) request to the `/saml/acs` REST endpoint which can cause a denial of service through a crash or hang of the Splunk daemon. Published: 2023-08-30T16:19:41.308Z Updated: 2025-02-28T11:03:56.605Z Open on db.gcve.eu Reference links https://advisory.splunk.com/advisories/SVD-2023-0802 https://research.splunk.com/application/8e8a86d5-f323-4567-95be-8e817e2baee6/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-40592`	vulnerable	2026-06-03 14:52:50.156895	Reflected Cross-site Scripting (XSS) on "/app/search/table" web endpoint HIGH (8.4) In Splunk Enterprise versions below 9.1.1, 9.0.6, and 8.2.12, an attacker can craft a special web request that can result in reflected cross-site scripting (XSS) on the “/app/search/table” web endpoint. Exploitation of this vulnerability can lead to the execution of arbitrary commands on the Splunk platform instance. Published: 2023-08-30T16:19:38.525Z Updated: 2025-02-28T11:03:48.911Z Open on db.gcve.eu Reference links https://advisory.splunk.com/advisories/SVD-2023-0801 https://research.splunk.com/application/182f9080-4137-4629-94ac-cb1083ac981a/	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.