Known Vulnerabilities for products from Splunk
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Splunk".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-20205 json | Not Provided | 2026-04-15 | 2026-04-15 | |
| CVE-2026-20204 json | In Splunk Enterprise versions below 10.2.1, 10.0.5, 9.4.10, and 9.3.11, and Splunk Cloud Platform versions below 10.4.2603.0,... | Not Provided | 2026-04-15 | 2026-04-17 |
| CVE-2026-20203 json | In Splunk Enterprise versions below 10.2.2, 10.0.5, 9.4.10, and 9.3.11, and Splunk Cloud Platform versions below 10.4.2603.0,... | Not Provided | 2026-04-15 | 2026-04-17 |
| CVE-2026-20202 json | In Splunk Enterprise versions below 10.2.2, 10.0.5, 9.4.10, and 9.3.11, and Splunk Cloud Platform versions below 10.4.2603.0,... | Not Provided | 2026-04-15 | 2026-04-17 |
| CVE-2024-29946 json | 8.1 - HIGH | 2024-03-27 | 2024-04-01 | |
| CVE-2024-29945 json | 7.2 - HIGH | 2024-03-27 | 2024-04-01 | |
| CVE-2024-23678 json | 8.8 - HIGH | 2024-01-22 | 2024-01-29 | |
| CVE-2024-23677 json | 5.3 - MEDIUM | 2024-01-22 | 2024-01-29 | |
| CVE-2024-23676 json | 3.5 - LOW | 2024-01-22 | 2024-01-29 | |
| CVE-2024-23675 json | 6.5 - MEDIUM | 2024-01-22 | 2024-01-29 | |
| CVE-2024-22165 json | 6.5 - MEDIUM | 2024-01-09 | 2024-01-16 | |
| CVE-2024-22164 json | 4.3 - MEDIUM | 2024-01-09 | 2024-01-16 | |
| CVE-2023-46231 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.2 - HIGH | 2024-01-30 | 2024-02-05 |
| CVE-2023-46230 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 4.9 - MEDIUM | 2024-01-30 | 2024-02-05 |
| CVE-2023-40598 json | In Splunk Enterprise versions below 8.2.12, 9.0.6, and 9.1.1, an attacker can create an external lookup that calls a legacy i... | 8.8 - HIGH | 2023-08-30 | 2023-11-07 |
| CVE-2023-40597 json | In Splunk Enterprise versions lower than 8.2.12, 9.0.6, and 9.1.1, an attacker can exploit an absolute path traversal to exec... | 8.8 - HIGH | 2023-08-30 | 2023-11-07 |
| CVE-2023-40596 json | In Splunk Enterprise versions earlier than 8.2.12, 9.0.6, and 9.1.1, a dynamic link library (DLL) that ships with Splunk Ente... | 8.8 - HIGH | 2023-08-30 | 2023-11-07 |
| CVE-2023-40595 json | In Splunk Enterprise versions lower than 8.2.12, 9.0.6, and 9.1.1, an attacker can execute a specially crafted query that the... | 8.8 - HIGH | 2023-08-30 | 2023-11-07 |
| CVE-2023-40594 json | In Splunk Enterprise versions lower than 8.2.12, 9.0.6, and 9.1.1, an attacker can use the `printf` SPL function to perform a... | 7.5 - HIGH | 2023-08-30 | 2023-11-07 |
| CVE-2023-40593 json | In Splunk Enterprise versions lower than 9.0.6 and 8.2.12, a malicious actor can send a malformed security assertion markup l... | 7.5 - HIGH | 2023-08-30 | 2023-11-07 |
Known software with vulnerabilities from Splunk
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Splunk | Hadoop Connect | - |
| Application | Splunk | Nozzle | - |
| Application | Splunk | Software Development Kit | 0.1.0 |
| Application | Splunk | Splunk | 108.2.13425 |
| Application | Splunk | Universal Forwarder | 4.2.3.105575 |