CPE
high
advisory
Splunk Code Injection via Custom Dashboard Leading to RCE (CVE-2022-43571)
1 TTP 1 CVEAn authenticated user can exploit CVE-2022-43571, a code injection vulnerability within Splunk Enterprise or Splunk Cloud's dashboard PDF generation component, leading to remote code execution (RCE) and potential compromise of the Splunk environment.
Splunk Enterprise +3
splunk
vulnerability
rce
code-injection
application-vulnerability
1t
1c
high
advisory
Splunk XSS Privilege Escalation via Custom URLs in Dashboard (CVE-2024-36992)
2 rules 1 TTP 1 CVEA critical cross-site scripting (XSS) vulnerability, identified as CVE-2024-36992, affects Splunk Enterprise and Splunk Cloud Platform, allowing attackers to achieve privilege escalation by exploiting custom URLs within Splunk dashboards via malicious POST requests to the `splunk_internal_metrics/data/ui/views` endpoint, leading to the creation of new user accounts with elevated access permissions on the Splunk server.
Splunk Enterprise +2
xss
privilege-escalation
splunk
cve
vulnerability
2r
1t
1c