Skip to main content
CVE-2023-22942 MEDIUM This Month

In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, a cross-site request forgery in the Splunk Secure Gateway (SSG) app in the ‘kvstore_client’ REST endpoint lets a potential attacker. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Splunk CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2023-22938 MEDIUM This Month

In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘sendemail’ REST API endpoint lets any authenticated user send an email as the Splunk instance. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Splunk Authentication Bypass Splunk Cloud Platform
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2023-22937 MEDIUM This Month

In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the lookup table upload feature let a user upload lookup tables with unnecessary filename extensions. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Splunk Information Disclosure Splunk Cloud Platform
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2023-22931 MEDIUM This Month

In Splunk Enterprise versions below 8.1.13 and 8.2.10, the ‘createrss’ external search command overwrites existing Resource Description Format Site Summary (RSS) feeds without verifying permissions. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Splunk Authentication Bypass Splunk Cloud Platform
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2023-25758 MEDIUM This Month

Onekey Touch devices through 4.0.0 and Onekey Mini devices through 2.10.0 allow man-in-the-middle attackers to obtain the seed phase. Rated medium severity (CVSS 4.2), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure Onekey Touch Firmware Onekey Mini Firmware
NVD GitHub
CVSS 3.1
4.2
EPSS
0.3%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy