Splunk Splunk Cloud Platform — known CVE vulnerabilities
Every CVE whose affected-product data names Splunk Splunk Cloud Platform, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (106)
CVE-2023-40595 — CVSS 8.8 (high): In Splunk Enterprise versions lower than 8.2.12, 9.0.6, and 9.1.1, an attacker can execute a specially crafted query that they can then use…
CVE-2022-43567 — CVSS 8.8 (high): In Splunk Enterprise versions below 8.2.9, 8.1.12, and 9.0.2, an authenticated user can run arbitrary operating system commands remotely…
CVE-2022-43568 — CVSS 8.8 (high): In Splunk Enterprise versions below 8.1.12, 8.2.9, and 9.0.2, a View allows for a Reflected Cross Site Scripting via JavaScript Object…
CVE-2022-43570 — CVSS 8.8 (high): In Splunk Enterprise versions below 8.1.12, 8.2.9, and 9.0.2, an authenticated user can perform an extensible markup language (XML)…
CVE-2022-43571 — CVSS 8.8 (high): In Splunk Enterprise versions below 8.2.9, 8.1.12, and 9.0.2, an authenticated user can execute arbitrary code through the dashboard PDF…
CVE-2023-32707 — CVSS 8.8 (high): In versions of Splunk Enterprise below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform below version 9.0.2303.100, a low-privileged…
CVE-2023-22932 — CVSS 8.7 (high): In Splunk Enterprise 9.0 versions before 9.0.4, a View allows for Cross-Site Scripting (XSS) through the error message in a Base64-encoded…
CVE-2023-40598 — CVSS 8.5 (high): In Splunk Enterprise versions below 8.2.12, 9.0.6, and 9.1.1, an attacker can create an external lookup that calls a legacy internal…
CVE-2023-40592 — CVSS 8.4 (high): In Splunk Enterprise versions below 9.1.1, 9.0.6, and 8.2.12, an attacker can craft a special web request that can result in reflected…
CVE-2022-43565 — CVSS 8.1 (high): In Splunk Enterprise versions below 8.2.9 and 8.1.12, the way that the ‘tstats command handles Javascript Object Notation (JSON) lets an…
CVE-2022-32152 — CVSS 8.1 (high): Splunk Enterprise peers in Splunk Enterprise versions before 9.0 and Splunk Cloud Platform versions before 8.2.2203 did not validate the…
CVE-2022-43563 — CVSS 8.1 (high): In Splunk Enterprise versions below 8.2.9 and 8.1.12, the way that the rex search command handles field names lets an attacker bypass SPL…
CVE-2022-32153 — CVSS 8.1 (high): Splunk Enterprise peers in Splunk Enterprise versions before 9.0 and Splunk Cloud Platform versions before 8.2.2203 did not validate the…
CVE-2023-22939 — CVSS 8.1 (high): In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘map’ search processing language (SPL) command lets a search bypass…
CVE-2024-36997 — CVSS 8.1 (high): In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312, an admin user could store…
CVE-2023-22935 — CVSS 8.1 (high): In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘display.page.search.patterns.sensitivity’ search parameter lets a…
CVE-2023-22933 — CVSS 8.0 (high): In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, a View allows for Cross-Site Scripting (XSS) in an extensible mark-up…
CVE-2024-36983 — CVSS 8.0 (high): In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.109 and 9.1.2308.207, an…
CVE-2025-20229 — CVSS 8.0 (high): In Splunk Enterprise versions below 9.3.3, 9.2.5, and 9.1.8, and Splunk Cloud Platform versions below 9.3.2408.104, 9.2.2406.108…
CVE-2022-43569 — CVSS 8.0 (high): In Splunk Enterprise versions below 8.1.12, 8.2.9, and 9.0.2, an authenticated user can inject and store arbitrary scripts that can lead to…
CVE-2023-40597 — CVSS 7.8 (high): In Splunk Enterprise versions lower than 8.2.12, 9.0.6, and 9.1.1, an attacker can exploit an absolute path traversal to execute arbitrary…
CVE-2023-32706 — CVSS 7.7 (high): On Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, an unauthenticated attacker can send specially-crafted messages to the XML…
CVE-2026-20252 — CVSS 7.6 (high): In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.4.2604.3, 10.3.2512.12…
CVE-2026-20239 — CVSS 7.5 (high): In Splunk Enterprise versions below 10.2.2 and 10.0.5, and Splunk Cloud Platform versions below 10.3.2512.8, 10.2.2510.11, 10.1.2507.21…
CVE-2022-43572 — CVSS 7.5 (high): In Splunk Enterprise versions below 8.2.9, 8.1.12, and 9.0.2, sending a malformed file through the Splunk-to-Splunk (S2S) or HTTP Event…
CVE-2022-32155 — CVSS 7.5 (high): In universal forwarder versions before 9.0, management services are available remotely by default. When not required, it introduces a…
CVE-2025-20371 — CVSS 7.5 (high): In Splunk Enterprise versions below 10.0.1, 9.4.4, 9.3.6 and 9.2.8, and Splunk Cloud Platform versions below 9.3.2411.109, 9.3.2408.119 and…
CVE-2022-32151 — CVSS 7.4 (high): The httplib and urllib Python libraries that Splunk shipped with Splunk Enterprise did not validate certificates using the certificate…
CVE-2023-22934 — CVSS 7.3 (high): In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘pivot’ search processing language (SPL) command lets a search…
CVE-2022-43566 — CVSS 7.3 (high): In Splunk Enterprise versions below 8.2.9, 8.1.12, and 9.0.2, an authenticated user can run risky commands using a more privileged user’s…
CVE-2026-20163 — CVSS 7.2 (high): In Splunk Enterprise versions below 10.2.0, 10.0.4, 9.4.9, and 9.3.10, and Splunk Cloud Platform versions below 10.2.2510.5, 10.0.2503.12…
CVE-2023-32708 — CVSS 7.2 (high): In Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform versions below 9.0.2303.100, a low-privileged user…
CVE-2024-45732 — CVSS 7.1 (high): In Splunk Enterprise versions below 9.3.1, and 9.2.0 versions below 9.2.3, and Splunk Cloud Platform versions below 9.2.2403.103…
CVE-2026-20258 — CVSS 7.1 (high): In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.11…
CVE-2026-20204 — CVSS 7.1 (high): In Splunk Enterprise versions below 10.2.1, 10.0.5, 9.4.10, and 9.3.11, and Splunk Cloud Platform versions below 10.4.2603.0, 10.3.2512.5…
CVE-2022-32154 — CVSS 6.8 (medium): Dashboards in Splunk Enterprise versions before 9.0 might let an attacker inject risky search commands into a form token when the token is…
CVE-2026-20144 — CVSS 6.8 (medium): In Splunk Enterprise versions below 10.2.0, 10.0.2, 9.4.7, 9.3.8, and 9.2.11, and Splunk Cloud Platform versions below 10.2.2510.0…
CVE-2026-20202 — CVSS 6.6 (medium): In Splunk Enterprise versions below 10.2.2, 10.0.5, 9.4.10, and 9.3.11, and Splunk Cloud Platform versions below 10.4.2603.0, 10.3.2512.6…
CVE-2023-22941 — CVSS 6.5 (medium): In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, an improperly-formatted ‘INGEST_EVAL’ parameter in a Field…
CVE-2026-20240 — CVSS 6.5 (medium): In Splunk Enterprise versions below 10.2.2, 10.0.5, 9.4.11, and 9.3.12, and Splunk Cloud Platform versions below 10.4.2603.1, 10.3.2512.9…
CVE-2024-36990 — CVSS 6.5 (medium): In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.2.2403.100, an authenticated…
CVE-2024-45736 — CVSS 6.5 (medium): In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.107, 9.1.2312.204, and…
CVE-2023-40594 — CVSS 6.5 (medium): In Splunk Enterprise versions lower than 8.2.12, 9.0.6, and 9.1.1, an attacker can use the `printf` SPL function to perform a denial of…
CVE-2026-20164 — CVSS 6.5 (medium): In Splunk Enterprise versions below 10.2.0, 10.0.3, 9.4.9, and 9.3.10, and Splunk Cloud Platform versions below 10.2.2510.5, 10.1.2507.16…
CVE-2023-32716 — CVSS 6.5 (medium): In Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform versions below 9.0.2303.100, an attacker can…
CVE-2025-20366 — CVSS 6.5 (medium): In Splunk Enterprise versions below 9.4.4, 9.3.6, and 9.2.8, and Splunk Cloud Platform versions below 9.3.2411.111, 9.3.2408.119, and…
CVE-2025-20321 — CVSS 6.5 (medium): In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7 and 9.1.10, and Splunk Cloud Platform versions below 9.3.2411.104, 9.3.2408.114…
CVE-2025-20228 — CVSS 6.5 (medium): In Splunk Enterprise versions below 9.3.3, 9.2.5, and 9.1.8 and Splunk Cloud Platform versions below 9.2.2403.108, and 9.1.2312.204, a…
CVE-2022-43561 — CVSS 6.4 (medium): In Splunk Enterprise versions below 8.1.12, 8.2.9, and 9.0.2, a remote user that holds the “power” Splunk role can store arbitrary…
CVE-2025-20320 — CVSS 6.3 (medium): In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7 and 9.1.10, and Splunk Cloud Platform versions below 9.3.2411.107, 9.3.2408.117…
CVE-2023-22936 — CVSS 6.3 (medium): In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘search_listener’ parameter in a search allows for a blind…
CVE-2023-22940 — CVSS 6.3 (medium): In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, aliases of the ‘collect’ search processing language (SPL) command…
CVE-2023-40593 — CVSS 6.3 (medium): In Splunk Enterprise versions lower than 9.0.6 and 8.2.12, a malicious actor can send a malformed security assertion markup language (SAML)…
CVE-2026-20162 — CVSS 6.3 (medium): In Splunk Enterprise versions below 10.2.0, 10.0.3, 9.4.9, and 9.3.9, and Splunk Cloud Platform versions below 10.2.2510.4, 10.1.2507.15…
CVE-2026-20165 — CVSS 6.3 (medium): In Splunk Enterprise versions below 10.2.1, 10.0.4, 9.4.9, and 9.3.10, and Splunk Cloud Platform versions below 10.2.2510.7, 10.1.2507.17…
CVE-2025-20232 — CVSS 5.7 (medium): In Splunk Enterprise versions below 9.3.3, 9.2.5, and 9.1.8 and Splunk Cloud Platform versions below 9.3.2408.103, 9.2.2406.108…
CVE-2026-20254 — CVSS 5.7 (medium): In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13…
CVE-2024-53244 — CVSS 5.7 (medium): In Splunk Enterprise versions below 9.3.2, 9.2.4, and 9.1.7 and Splunk Cloud Platform versions below 9.2.2406.107, 9.2.2403.109, and…
CVE-2025-20226 — CVSS 5.7 (medium): In Splunk Enterprise versions below 9.4.1, 9.3.3, 9.2.5, and 9.1.8 and Splunk Cloud Platform versions below 9.3.2408.107, 9.2.2406.111, and…
CVE-2025-20367 — CVSS 5.7 (medium): In Splunk Enterprise versions below 9.4.4, 9.3.6 and 9.2.8, and Splunk Cloud Platform versions below 9.3.2411.109, 9.3.2408.119 and…
CVE-2025-20368 — CVSS 5.7 (medium): In Splunk Enterprise versions below 9.4.4, 9.3.6, and 9.2.8, and Splunk Cloud Platform versions below 9.3.2411.108, 9.3.2408.118 and…
CVE-2026-20257 — CVSS 5.7 (medium): In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13…
CVE-2026-20256 — CVSS 5.7 (medium): In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13…
CVE-2026-20255 — CVSS 5.7 (medium): In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13…
CVE-2026-20259 — CVSS 5.5 (medium): In Splunk Enterprise versions below 10.2.4 and 10.0.7, and Splunk Cloud Platform versions below 10.4.2604.0, 10.3.2512.12, 10.2.2510.15…
CVE-2024-45741 — CVSS 5.4 (medium): In Splunk Enterprise versions below 9.2.3 and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.108 and 9.1.2312.205, a…
CVE-2024-36995 — CVSS 5.4 (medium): In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.207, a…
CVE-2026-20166 — CVSS 5.4 (medium): In Splunk Enterprise versions below 10.2.1 and 10.0.4, and Splunk Cloud Platform versions below 10.2.2510.5, 10.1.2507.16, and…
CVE-2024-36992 — CVSS 5.4 (medium): In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.207, a…
CVE-2024-45740 — CVSS 5.4 (medium): In Splunk Enterprise versions below 9.2.3 and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403, a low-privileged user that does not…
CVE-2024-36994 — CVSS 5.4 (medium): In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.207, a…
CVE-2024-36993 — CVSS 5.4 (medium): In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.207, a…
CVE-2025-20324 — CVSS 5.4 (medium): In Splunk Enterprise versions below 9.4.2, 9.3.5, 9.2.7, and 9.1.10 and Splunk Cloud Platform versions below 9.3.2411.104, 9.3.2408.113…
CVE-2024-36996 — CVSS 5.3 (medium): In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.109, an attacker could…
CVE-2025-20384 — CVSS 5.3 (medium): In Splunk Enterprise versions below 10.0.1, 9.4.6, 9.3.8, and 9.2.10, and Splunk Cloud Platform versions below 10.1.2507.4, 10.0.2503.6…
CVE-2024-53246 — CVSS 5.3 (medium): In Splunk Enterprise versions below 9.3.2, 9.2.4, and 9.1.7 and Splunk Cloud Platform versions below 9.3.2408.101, 9.2.2406.106…
CVE-2022-43564 — CVSS 4.9 (medium): In Splunk Enterprise versions below 8.1.12, 8.2.9, and 9.0.2, a remote user who can create search macros and schedule search reports can…
CVE-2025-20370 — CVSS 4.9 (medium): In Splunk Enterprise versions below 10.0.1, 9.4.4, 9.3.6, and 9.2.8, and Splunk Cloud Platform versions below 9.3.2411.108, 9.3.2408.118…
CVE-2023-32710 — CVSS 4.8 (medium): In Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, and in Splunk Cloud Platform versions below 9.0.2303.100, a low-privileged…
CVE-2025-20369 — CVSS 4.6 (medium): In Splunk Enterprise versions below 9.4.4, 9.3.6, and 9.2.8, and Splunk Cloud Platform versions below 9.3.2411.108, 9.3.2408.118 and…
CVE-2023-32709 — CVSS 4.3 (medium): In Splunk Enterprise versions below 9.0.5, 8.2.11. and 8.1.14, and Splunk Cloud Platform versions below 9.0.2303.100, a low-privileged user…
CVE-2025-20227 — CVSS 4.3 (medium): In Splunk Enterprise versions below 9.4.1, 9.3.3, 9.2.5, and 9.1.8, and Splunk Cloud Platform versions below 9.3.2408.107, 9.2.2406.112…
CVE-2024-45737 — CVSS 4.3 (medium): In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.108, and 9.1.2312.204, a…
CVE-2024-45735 — CVSS 4.3 (medium): In Splunk Enterprise versions below 9.2.3 and 9.1.6, and Splunk Secure Gateway versions on Splunk Cloud Platform versions below 3.4.259…
CVE-2025-20297 — CVSS 4.3 (medium): In Splunk Enterprise versions below 9.4.2, 9.3.4 and 9.2.6, and Splunk Cloud Platform versions below 9.3.2411.102, 9.3.2408.111 and…
CVE-2025-20300 — CVSS 4.3 (medium): In Splunk Enterprise versions below 9.4.2, 9.3.5, 9.2.6, and 9.1.9 and Splunk Cloud Platform versions below 9.3.2411.103, 9.3.2408.112, and…
CVE-2025-20322 — CVSS 4.3 (medium): In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10, and Splunk Cloud Platform versions below 9.3.2411.104, 9.3.2408.113…
CVE-2025-20383 — CVSS 4.3 (medium): In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and below 3.9.10, 3.8.58, and 3.7.28 of Splunk Secure Gateway app in…
CVE-2025-20389 — CVSS 4.3 (medium): In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and versions below 3.9.10, 3.8.58 and 3.7.28 of the Splunk Secure…
CVE-2026-20139 — CVSS 4.3 (medium): In Splunk Enterprise versions below 10.2.0, 10.0.2, 9.4.8, 9.3.9, and 9.2.12, and Splunk Cloud Platform versions below 10.2.2510.3…
CVE-2023-32717 — CVSS 4.3 (medium): On Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, and in Splunk Cloud Platform versions below 9.0.2303.100, an unauthorized…
CVE-2026-20203 — CVSS 4.3 (medium): In Splunk Enterprise versions below 10.2.2, 10.0.5, 9.4.10, and 9.3.11, and Splunk Cloud Platform versions below 10.4.2603.0, 10.3.2512.6…
CVE-2023-22938 — CVSS 4.3 (medium): In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘sendemail’ REST API endpoint lets any authenticated user send an…
CVE-2023-22937 — CVSS 4.3 (medium): In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the lookup table upload feature let a user upload lookup tables with…
CVE-2023-22931 — CVSS 4.3 (medium): In Splunk Enterprise versions below 8.1.13 and 8.2.10, the ‘createrss’ external search command overwrites existing Resource Description…
CVE-2026-20137 — CVSS 3.5 (low): In Splunk Enterprise versions below 10.2.0, 10.0.3, 9.4.5, 9.3.7, and 9.2.9, and Splunk Cloud Platform versions below 10.1.2507.0…
CVE-2025-20382 — CVSS 3.5 (low): In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and Splunk Cloud Platform versions below 10.1.2507.10, 10.0.2503.8…
CVE-2025-20379 — CVSS 3.5 (low): In Splunk Enterprise versions below 10.0.1, 9.4.5, 9.3.7, and 9.2.9 and Splunk Cloud Platform versions below 9.3.2411.116, 9.3.2408.124…
CVE-2024-53245 — CVSS 3.1 (low): In Splunk Enterprise versions below 9.3.0, 9.2.4, and 9.1.7 and Splunk Cloud Platform versions below 9.1.2312.206, a low-privileged user…
CVE-2025-20325 — CVSS 3.1 (low): In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10, and Splunk Cloud Platform versions below 9.3.2411.103, 9.3.2408.113…
CVE-2022-43562 — CVSS 3.0 (low): In Splunk Enterprise versions below 8.1.12, 8.2.9, and 9.0.2, Splunk Enterprise fails to properly validate and escape the Host header…
CVE-2025-20388 — CVSS 2.7 (low): In Splunk Enterprise versions below 10.0.1, 9.4.6, 9.3.8, and 9.2.10, and Splunk Cloud Platform versions below 10.1.2507.4, 10.0.2503.7…
CVE-2022-37438 — CVSS 2.6 (low): In Splunk Enterprise versions in the following table, an authenticated user can craft a dashboard that could potentially leak information…
CVE-2025-20385 — CVSS 2.4 (low): In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and Splunk Cloud Platform versions below 10.1.2507.6, 10.0.2503.7…