threat
engine
.sh
Back
·
··:··
Home
/
Product
/
splunk cloud platform
Product
splunk cloud platform
96 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2026-20204
>= 9.3.2411 and < 9.3.2411.127
In Splunk Enterprise versions below 10.2.1, 10.0.5, 9.4.10, and 9.3.11, and Splunk Cloud Platform versions below 10.4.2603.0, 10.3
7.1
HIGH
CVE-2026-20203
>= 9.3.2411 and < 9.3.2411.127
In Splunk Enterprise versions below 10.2.2, 10.0.5, 9.4.10, and 9.3.11, and Splunk Cloud Platform versions below 10.4.2603.0, 10.3
4.3
MEDIUM
CVE-2026-20202
>= 9.3.2411 and < 9.3.2411.127
In Splunk Enterprise versions below 10.2.2, 10.0.5, 9.4.10, and 9.3.11, and Splunk Cloud Platform versions below 10.4.2603.0, 10.3
6.6
MEDIUM
CVE-2026-20166
>= 10.0.2503 and < 10.0.2503.12
In Splunk Enterprise versions below 10.2.1 and 10.0.4, and Splunk Cloud Platform versions below 10.2.2510.5, 10.1.2507.16, and 10.
5.4
MEDIUM
CVE-2026-20165
>= 9.3.2411 and < 9.3.2411.124
In Splunk Enterprise versions below 10.2.1, 10.0.4, 9.4.9, and 9.3.10, and Splunk Cloud Platform versions below 10.2.2510.7, 10.1.
6.3
MEDIUM
CVE-2026-20164
>= 9.3.2411 and < 9.3.2411.123
In Splunk Enterprise versions below 10.2.0, 10.0.3, 9.4.9, and 9.3.10, and Splunk Cloud Platform versions below 10.2.2510.5, 10.1.
6.5
MEDIUM
CVE-2026-20163
>= 9.3.2411 and < 9.3.2411.124
In Splunk Enterprise versions below 10.2.0, 10.0.4, 9.4.9, and 9.3.10, and Splunk Cloud Platform versions below 10.2.2510.5, 10.0.
7.2
HIGH
CVE-2026-20162
>= 9.3.2411 and < 9.3.2411.123
In Splunk Enterprise versions below 10.2.0, 10.0.3, 9.4.9, and 9.3.9, and Splunk Cloud Platform versions below 10.2.2510.4, 10.1.2
6.3
MEDIUM
CVE-2026-20144
>= 9.3.2411 and < 9.3.2411.120
In Splunk Enterprise versions below 10.2.0, 10.0.2, 9.4.7, 9.3.8, and 9.2.11, and Splunk Cloud Platform versions below 10.2.2510.0
6.8
MEDIUM
CVE-2026-20139
>= 9.3.2411 and < 9.3.2411.121
In Splunk Enterprise versions below 10.2.0, 10.0.2, 9.4.8, 9.3.9, and 9.2.12, and Splunk Cloud Platform versions below 10.2.2510.3
4.3
MEDIUM
CVE-2026-20137
>= 9.3.2408 and < 9.3.2408.122
In Splunk Enterprise versions below 10.2.0, 10.0.3, 9.4.5, 9.3.7, and 9.2.9, and Splunk Cloud Platform versions below 10.1.2507.0,
3.5
LOW
CVE-2025-20389
>= 9.3.2411 and < 9.3.2411.120
In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and versions below 3.9.10, 3.8.58 and 3.7.28 of the Splunk S
4.3
MEDIUM
CVE-2025-20388
>= 9.3.2411 and < 9.3.2411.116
In Splunk Enterprise versions below 10.0.1, 9.4.6, 9.3.8, and 9.2.10, and Splunk Cloud Platform versions below 10.1.2507.4, 10.0.2
2.7
LOW
CVE-2025-20385
>= 9.3.2411 and < 9.3.2411.117
In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and Splunk Cloud Platform versions below 10.1.2507.6, 10.0.2
2.4
LOW
CVE-2025-20384
>= 9.3.2411 and < 9.3.2411.117
In Splunk Enterprise versions below 10.0.1, 9.4.6, 9.3.8, and 9.2.10, and Splunk Cloud Platform versions below 10.1.2507.4, 10.0.2
5.3
MEDIUM
CVE-2025-20383
>= 9.3.2411 and < 9.3.2411.120
In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and below 3.9.10, 3.8.58, and 3.7.28 of Splunk Secure Gatewa
4.3
MEDIUM
CVE-2025-20382
>= 9.3.2411 and < 9.3.2411.120
In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and Splunk Cloud Platform versions below 10.1.2507.10, 10.0.
3.5
LOW
CVE-2025-20379
>= 9.3.2408 and < 9.3.2408.124
In Splunk Enterprise versions below 10.0.1, 9.4.5, 9.3.7, and 9.2.9 and Splunk Cloud Platform versions below 9.3.2411.116, 9.3.240
3.5
LOW
CVE-2025-20378
>= 9.3.2408 and < 9.3.2408.121
In Splunk Enterprise versions below 10.0.1, 9.4.5, 9.3.7, 9.2.9, and Splunk Cloud Platform versions below 10.0.2503.5, 9.3.2411.11
3.1
LOW
CVE-2025-20371
>= 9.2.2406 and < 9.2.2406.122
In Splunk Enterprise versions below 10.0.1, 9.4.4, 9.3.6 and 9.2.8, and Splunk Cloud Platform versions below 9.3.2411.109, 9.3.240
7.5
HIGH
CVE-2025-20370
>= 9.2.2406 and < 9.2.2406.123
In Splunk Enterprise versions below 10.0.1, 9.4.4, 9.3.6, and 9.2.8, and Splunk Cloud Platform versions below 9.3.2411.108, 9.3.24
4.9
MEDIUM
CVE-2025-20369
>= 9.2.2406 and < 9.2.2406.123
In Splunk Enterprise versions below 9.4.4, 9.3.6, and 9.2.8, and Splunk Cloud Platform versions below 9.3.2411.108, 9.3.2408.118 a
4.6
MEDIUM
CVE-2025-20368
>= 9.2.2406 and < 9.2.2406.123
In Splunk Enterprise versions below 9.4.4, 9.3.6, and 9.2.8, and Splunk Cloud Platform versions below 9.3.2411.108, 9.3.2408.118 a
5.7
MEDIUM
CVE-2025-20367
>= 9.2.2406 and < 9.2.2406.122
In Splunk Enterprise versions below 9.4.4, 9.3.6 and 9.2.8, and Splunk Cloud Platform versions below 9.3.2411.109, 9.3.2408.119 an
5.7
MEDIUM
CVE-2025-20366
>= 9.2.2406 and < 9.2.2406.122
In Splunk Enterprise versions below 9.4.4, 9.3.6, and 9.2.8, and Splunk Cloud Platform versions below 9.3.2411.111, 9.3.2408.119,
6.5
MEDIUM
CVE-2025-20325
>= 9.2.2406 and < 9.2.2406.119
In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10, and Splunk Cloud Platform versions below 9.3.2411.103, 9.3.24
3.1
LOW
CVE-2025-20324
>= 9.2.2406 and < 9.2.2406.119
In Splunk Enterprise versions below 9.4.2, 9.3.5, 9.2.7, and 9.1.10 and Splunk Cloud Platform versions below 9.3.2411.104, 9.3.240
5.4
MEDIUM
CVE-2025-20322
>= 9.2.2406 and < 9.2.2406.119
In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10, and Splunk Cloud Platform versions below 9.3.2411.104, 9.3.24
4.3
MEDIUM
CVE-2025-20321
>= 9.2.2406 and < 9.2.2406.119
In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7 and 9.1.10, and Splunk Cloud Platform versions below 9.3.2411.104, 9.3.240
6.5
MEDIUM
CVE-2025-20320
>= 9.2.2406 and < 9.2.2406.121
In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7 and 9.1.10, and Splunk Cloud Platform versions below 9.3.2411.107, 9.3.240
6.3
MEDIUM
CVE-2025-20300
>= 9.2.2406 and < 9.2.2406.118
In Splunk Enterprise versions below 9.4.2, 9.3.5, 9.2.6, and 9.1.9 and Splunk Cloud Platform versions below 9.3.2411.103, 9.3.2408
4.3
MEDIUM
CVE-2025-20297
>= 9.2.2406 and < 9.2.2406.118
In Splunk Enterprise versions below 9.4.2, 9.3.4 and 9.2.6, and Splunk Cloud Platform versions below 9.3.2411.102, 9.3.2408.111 an
4.3
MEDIUM
CVE-2025-20232
>= 9.1.2308 and < 9.1.2308.212
In Splunk Enterprise versions below 9.3.3, 9.2.5, and 9.1.8 and Splunk Cloud Platform versions below 9.3.2408.103, 9.2.2406.108, 9
5.7
MEDIUM
CVE-2025-20229
>= 9.1.2312 and < 9.1.2312.208
In Splunk Enterprise versions below 9.3.3, 9.2.5, and 9.1.8, and Splunk Cloud Platform versions below 9.3.2408.104, 9.2.2406.108,
8.0
HIGH
CVE-2025-20228
>= 9.1.2312 and < 9.1.2312.204
In Splunk Enterprise versions below 9.3.3, 9.2.5, and 9.1.8 and Splunk Cloud Platform versions below 9.2.2403.108, and 9.1.2312.20
6.5
MEDIUM
CVE-2025-20227
>= 9.1.2308 and < 9.1.2308.214
In Splunk Enterprise versions below 9.4.1, 9.3.3, 9.2.5, and 9.1.8, and Splunk Cloud Platform versions below 9.3.2408.107, 9.2.240
4.3
MEDIUM
CVE-2025-20226
>= 9.1.2308 and < 9.1.2308.214
In Splunk Enterprise versions below 9.4.1, 9.3.3, 9.2.5, and 9.1.8 and Splunk Cloud Platform versions below 9.3.2408.107, 9.2.2406
5.7
MEDIUM
CVE-2024-53246
>= 9.1.2312 and < 9.1.2312.206
In Splunk Enterprise versions below 9.3.2, 9.2.4, and 9.1.7 and Splunk Cloud Platform versions below 9.3.2408.101, 9.2.2406.106, 9
5.3
MEDIUM
CVE-2024-53245
>= 9.1.2312 and < 9.1.2312.206
In Splunk Enterprise versions below 9.3.0, 9.2.4, and 9.1.7 and Splunk Cloud Platform versions below 9.1.2312.206, a low-privilege
3.1
LOW
CVE-2024-53244
>= 9.1.2312 and < 9.1.2312.206
In Splunk Enterprise versions below 9.3.2, 9.2.4, and 9.1.7 and Splunk Cloud Platform versions below 9.2.2406.107, 9.2.2403.109, a
5.7
MEDIUM
CVE-2024-45741
>= 9.1.2312 and < 9.1.2312.205
In Splunk Enterprise versions below 9.2.3 and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.108 and 9.1.2312.205, a low-
5.4
MEDIUM
CVE-2024-45740
< 9.2.2403.100
In Splunk Enterprise versions below 9.2.3 and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403, a low-privileged user that
5.4
MEDIUM
CVE-2024-45737
>= 9.1.2312 and < 9.1.2312.204
In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.108, and 9.1.2312.20
4.3
MEDIUM
CVE-2024-45736
>= 9.1.2312 and < 9.1.2312.111
In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.107, 9.1.2312.204, a
6.5
MEDIUM
CVE-2024-45735
< 3.4.259
In Splunk Enterprise versions below 9.2.3 and 9.1.6, and Splunk Secure Gateway versions on Splunk Cloud Platform versions below 3.
4.3
MEDIUM
CVE-2024-45732
< 9.1.2308.208
In Splunk Enterprise versions below 9.3.1, and 9.2.0 versions below 9.2.3, and Splunk Cloud Platform versions below 9.2.2403.103,
7.1
HIGH
CVE-2024-36997
>= 9.1.2312 and < 9.1.2312.100
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312, an admin user coul
8.1
HIGH
CVE-2024-36996
>= 9.1.2312 and < 9.1.2312.109
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.109, an attacker co
5.3
MEDIUM
CVE-2024-36995
>= 9.1.2308 and < 9.1.2308.207
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.20
5.4
MEDIUM
CVE-2024-36994
>= 9.1.2308 and <= 9.1.2308.207
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.20
5.4
MEDIUM
CVE-2024-36993
>= 9.1.2308 and < 9.1.2308.207
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.20
5.4
MEDIUM
CVE-2024-36992
>= 9.1.2308 and < 9.1.2308.207
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.20
5.4
MEDIUM
CVE-2024-36990
>= 9.1.2308 and < 9.1.2308.209
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.2.2403.100, an authenticat
6.5
MEDIUM
CVE-2024-36983
>= 9.1.2308 and < 9.1.2308.207
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.109 and 9.1.2308.20
8.0
HIGH
CVE-2023-40598
< 9.0.2305.200
In Splunk Enterprise versions below 8.2.12, 9.0.6, and 9.1.1, an attacker can create an external lookup that calls a legacy intern
8.5
HIGH
CVE-2023-40597
<= 9.0.2305.100
In Splunk Enterprise versions lower than 8.2.12, 9.0.6, and 9.1.1, an attacker can exploit an absolute path traversal to execute a
7.8
HIGH
CVE-2023-40595
<= 9.0.2305.100
In Splunk Enterprise versions lower than 8.2.12, 9.0.6, and 9.1.1, an attacker can execute a specially crafted query that they can
8.8
HIGH
CVE-2023-40594
<= 9.0.2305.100
In Splunk Enterprise versions lower than 8.2.12, 9.0.6, and 9.1.1, an attacker can use the
printf
SPL function to perform a deni
6.5
MEDIUM
CVE-2023-40593
<= 9.0.2305.100
In Splunk Enterprise versions lower than 9.0.6 and 8.2.12, a malicious actor can send a malformed security assertion markup langua
6.3
MEDIUM
CVE-2023-40592
<= 9.0.2305.100
In Splunk Enterprise versions below 9.1.1, 9.0.6, and 8.2.12, an attacker can craft a special web request that can result in refle
8.4
HIGH
CVE-2023-32717
< 9.0.2303.100
On Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, and in Splunk Cloud Platform versions below 9.0.2303.100, an unauth
4.3
MEDIUM
CVE-2023-32716
< 9.0.2303.100
In Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform versions below 9.0.2303.100, an attacker
6.5
MEDIUM
CVE-2023-32710
< 9.0.2303.100
In Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, and in Splunk Cloud Platform versions below 9.0.2303.100, a low-pri
4.8
MEDIUM
CVE-2023-32709
< 9.0.2303.100
In Splunk Enterprise versions below 9.0.5, 8.2.11. and 8.1.14, and Splunk Cloud Platform versions below 9.0.2303.100, a low-privil
4.3
MEDIUM
CVE-2023-32708
< 9.0.2303.100
In Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform versions below 9.0.2303.100, a low-privil
7.2
HIGH
CVE-2023-32707
< 9.0.2303.100
In versions of Splunk Enterprise below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform below version 9.0.2303.100, a low-priv
8.8
HIGH
CVE-2023-32706
< 9.0.2303.100
On Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, an unauthenticated attacker can send specially-crafted messages to
7.7
HIGH
CVE-2023-22941
< 9.0.2209.3
In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, an improperly-formatted ‘INGEST_EVAL’ parameter in a Field Tran
6.5
MEDIUM
CVE-2023-22940
< 9.0.2209.3
In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, aliases of the ‘collect’ search processing language (SPL) comma
6.3
MEDIUM
CVE-2023-22939
< 9.0.2209.3
In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘map’ search processing language (SPL) command lets a searc
8.1
HIGH
CVE-2023-22938
< 9.0.2209.3
In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘sendemail’ REST API endpoint lets any authenticated user s
4.3
MEDIUM
CVE-2023-22937
< 9.0.2209.3
In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the lookup table upload feature let a user upload lookup tables wit
4.3
MEDIUM
CVE-2023-22936
< 9.0.2209.3
In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘search_listener’ parameter in a search allows for a blind
6.3
MEDIUM
CVE-2023-22935
< 9.0.2209.3
In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘display.page.search.patterns.sensitivity’ search parameter
8.1
HIGH
CVE-2023-22934
< 9.0.2209.3
In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘pivot’ search processing language (SPL) command lets a sea
7.3
HIGH
CVE-2023-22933
< 9.0.2209
In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, a View allows for Cross-Site Scripting (XSS) in an extensible mark-
8.0
HIGH
CVE-2023-22932
< 9.0.2209.3
In Splunk Enterprise 9.0 versions before 9.0.4, a View allows for Cross-Site Scripting (XSS) through the error message in a Base64
8.7
HIGH
CVE-2023-22931
< 8.2.2203
In Splunk Enterprise versions below 8.1.13 and 8.2.10, the ‘createrss’ external search command overwrites existing Resource De
4.3
MEDIUM
CVE-2022-43572
< 9.0.2209
In Splunk Enterprise versions below 8.2.9, 8.1.12, and 9.0.2, sending a malformed file through the Splunk-to-Splunk (S2S) or HTTP
7.5
HIGH
CVE-2022-43570
< 9.0.2209
In Splunk Enterprise versions below 8.1.12, 8.2.9, and 9.0.2, an authenticated user can perform an extensible markup language (XML
8.8
HIGH
CVE-2022-43569
< 9.0.2209
In Splunk Enterprise versions below 8.1.12, 8.2.9, and 9.0.2, an authenticated user can inject and store arbitrary scripts that ca
8.0
HIGH
CVE-2022-43568
< 9.0.2205
In Splunk Enterprise versions below 8.1.12, 8.2.9, and 9.0.2, a View allows for a Reflected Cross Site Scripting via JavaScript Ob
8.8
HIGH
CVE-2022-43567
< 9.0.2205
In Splunk Enterprise versions below 8.2.9, 8.1.12, and 9.0.2, an authenticated user can run arbitrary operating system commands re
8.8
HIGH
CVE-2022-43566
< 9.0.2208
In Splunk Enterprise versions below 8.2.9, 8.1.12, and 9.0.2, an authenticated user can run risky commands using a more privileged
7.3
HIGH
CVE-2022-43565
< 9.0.2203
In Splunk Enterprise versions below 8.2.9 and 8.1.12, the way that the ‘tstats command handles Javascript Object Notation (JSON)
8.1
HIGH
CVE-2022-43564
< 9.0.2205
In Splunk Enterprise versions below 8.1.12, 8.2.9, and 9.0.2, a remote user who can create search macros and schedule search repor
4.9
MEDIUM
CVE-2022-43563
< 9.0.2203
In Splunk Enterprise versions below 8.2.9 and 8.1.12, the way that the rex search command handles field names lets an attacker byp
8.1
HIGH
CVE-2022-43562
< 9.0.2208
In Splunk Enterprise versions below 8.1.12, 8.2.9, and 9.0.2, Splunk Enterprise fails to properly validate and escape the Host hea
3.0
LOW
CVE-2022-43571
< 9.0.2209
In Splunk Enterprise versions below 8.2.9, 8.1.12, and 9.0.2, an authenticated user can execute arbitrary code through the dashboa
8.8
HIGH
CVE-2022-43561
< 9.0.2208
In Splunk Enterprise versions below 8.1.12, 8.2.9, and 9.0.2, a remote user that holds the “power” Splunk role can store arbit
6.4
MEDIUM
CVE-2022-37438
<= 8.2.2203.4
In Splunk Enterprise versions in the following table, an authenticated user can craft a dashboard that could potentially leak info
2.6
LOW
CVE-2022-32155
< 8.2.2106
In universal forwarder versions before 9.0, management services are available remotely by default. When not required, it introduce
7.5
HIGH
CVE-2022-32154
< 8.2.2106
Dashboards in Splunk Enterprise versions before 9.0 might let an attacker inject risky search commands into a form token when the
6.8
MEDIUM
CVE-2022-32153
< 8.2.2203
Splunk Enterprise peers in Splunk Enterprise versions before 9.0 and Splunk Cloud Platform versions before 8.2.2203 did not valida
8.1
HIGH
CVE-2022-32152
< 8.2.2203
Splunk Enterprise peers in Splunk Enterprise versions before 9.0 and Splunk Cloud Platform versions before 8.2.2203 did not valida
8.1
HIGH
CVE-2022-32151
< 8.2.2203
The httplib and urllib Python libraries that Splunk shipped with Splunk Enterprise did not validate certificates using the certifi
7.4
HIGH
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin