| Path traversal SPL injection | Splunk | File and Directory Discovery | TTP | Splunk Vulnerabilities | 2024-10-16 |
| Persistent XSS in RapidDiag through User Interface Views | Splunk | Drive-by Compromise | TTP | Splunk Vulnerabilities | 2024-10-16 |
| Splunk Absolute Path Traversal Using runshellscript | Splunk | File and Directory Discovery | Hunting | Splunk Vulnerabilities | 2024-10-17 |
| Splunk Account Discovery Drilldown Dashboard Disclosure | | Account Discovery | TTP | Splunk Vulnerabilities | 2024-10-17 |
| Splunk App for Lookup File Editing RCE via User XSLT | | Exploitation of Remote Services | Hunting | Splunk Vulnerabilities | 2024-10-17 |
| Splunk Authentication Token Exposure in Debug Log | | Log Enumeration | TTP | Splunk Vulnerabilities | 2024-10-16 |
| Splunk Code Injection via custom dashboard leading to RCE | | Exploitation of Remote Services | Hunting | Splunk Vulnerabilities | 2024-10-17 |
| Splunk Command and Scripting Interpreter Delete Usage | Splunk | Command and Scripting Interpreter | Anomaly | Splunk Vulnerabilities | 2024-10-16 |
| Splunk Command and Scripting Interpreter Risky Commands | Splunk | Command and Scripting Interpreter | Hunting | Splunk Vulnerabilities | 2024-10-17 |
| Splunk Command and Scripting Interpreter Risky SPL MLTK | Splunk | Command and Scripting Interpreter | Anomaly | Splunk Vulnerabilities | 2024-10-16 |
| Splunk CSRF in the SSG kvstore Client Endpoint | Splunk | Drive-by Compromise | TTP | Splunk Vulnerabilities | 2024-10-16 |
| Splunk Data exfiltration from Analytics Workspace using sid query | Splunk | Exfiltration Over Web Service | Hunting | Splunk Vulnerabilities | 2024-10-17 |
| Splunk Digital Certificates Infrastructure Version | Splunk | Digital Certificates | Hunting | Splunk Vulnerabilities | 2024-10-17 |
| Splunk Digital Certificates Lack of Encryption | Splunk | Digital Certificates | Anomaly | Splunk Vulnerabilities | 2024-10-16 |
| Splunk Disable KVStore via CSRF Enabling Maintenance Mode | Splunk | Service Stop | TTP | Splunk Vulnerabilities | 2024-10-16 |
| Splunk DoS Using Malformed SAML Request | Splunk | Network Denial of Service | Hunting | Splunk Vulnerabilities | 2024-10-17 |
| Splunk DOS Via Dump SPL Command | Splunk | Application or System Exploitation | Hunting | Splunk Vulnerabilities | 2024-10-17 |
| Splunk DoS via Malformed S2S Request | Splunk | Network Denial of Service | TTP | Splunk Vulnerabilities | 2024-10-16 |
| Splunk DoS via POST Request Datamodel Endpoint | | Endpoint Denial of Service | Hunting | Splunk Vulnerabilities | 2024-10-17 |
| Splunk DOS via printf search function | Splunk | Application or System Exploitation | Hunting | Splunk Vulnerabilities | 2024-10-17 |
| Splunk Edit User Privilege Escalation | Splunk | Abuse Elevation Control Mechanism | Hunting | Splunk Vulnerabilities | 2024-10-17 |
| Splunk Endpoint Denial of Service DoS Zip Bomb | Splunk | Endpoint Denial of Service | TTP | Splunk Vulnerabilities | 2024-10-16 |
| Splunk Enterprise KV Store Incorrect Authorization | Splunk | Abuse Elevation Control Mechanism | Hunting | Splunk Vulnerabilities | 2024-10-17 |
| Splunk ES DoS Investigations Manager via Investigation Creation | Splunk | Endpoint Denial of Service | TTP | Splunk Vulnerabilities | 2024-10-16 |
| Splunk ES DoS Through Investigation Attachments | Splunk | Endpoint Denial of Service | TTP | Splunk Vulnerabilities | 2024-10-16 |
| Splunk HTTP Response Splitting Via Rest SPL Command | Splunk | HTML Smuggling | Hunting | Splunk Vulnerabilities | 2024-10-17 |
| Splunk Image File Disclosure via PDF Export in Classic Dashboard | Splunk | Account Discovery | Hunting | Splunk Vulnerabilities | 2024-10-17 |
| Splunk Improperly Formatted Parameter Crashes splunkd | Splunk | Endpoint Denial of Service | TTP | Splunk Vulnerabilities | 2024-10-17 |
| Splunk Information Disclosure in Splunk Add-on Builder | Splunk | System Information Discovery | Hunting | Splunk Vulnerabilities | 2024-10-17 |
| Splunk Information Disclosure on Account Login | Splunk | Account Discovery | Hunting | Splunk Vulnerabilities | 2024-10-17 |
| Splunk list all nonstandard admin accounts | Splunk | Drive-by Compromise | Hunting | Splunk Vulnerabilities | 2024-10-17 |
| Splunk Low-Priv Search as nobody SplunkDeploymentServerConfig App | Splunk | Exploitation for Privilege Escalation | Hunting | Splunk Vulnerabilities | 2024-10-17 |
| Splunk Low Privilege User Can View Hashed Splunk Password | Splunk | Exploitation for Credential Access | Hunting | Splunk Vulnerabilities | 2024-10-17 |
| Splunk Path Traversal In Splunk App For Lookup File Edit | Splunk | File and Directory Discovery | Hunting | Splunk Vulnerabilities | 2024-10-17 |
| Splunk Persistent XSS via Props Conf | Splunk | Drive-by Compromise | Hunting | Splunk Vulnerabilities | 2024-10-17 |
| Splunk Persistent XSS via Scheduled Views | Splunk | Drive-by Compromise | Hunting | Splunk Vulnerabilities | 2024-10-17 |
| Splunk Persistent XSS Via URL Validation Bypass W Dashboard | Splunk | Drive-by Compromise | Hunting | Splunk Vulnerabilities | 2024-10-17 |
| Splunk Process Injection Forwarder Bundle Downloads | Splunk | Process Injection | Hunting | Splunk Vulnerabilities | 2024-10-17 |
| Splunk Protocol Impersonation Weak Encryption Configuration | Splunk | Protocol or Service Impersonation | Hunting | Splunk Vulnerabilities | 2024-10-17 |
| Splunk protocol impersonation weak encryption selfsigned | Splunk | Digital Certificates | Hunting | Splunk Vulnerabilities | 2024-10-17 |
| Splunk protocol impersonation weak encryption simplerequest | Splunk | Digital Certificates | Hunting | Splunk Vulnerabilities | 2024-10-17 |
| Splunk RBAC Bypass On Indexing Preview REST Endpoint | Splunk | Access Token Manipulation | Hunting | Splunk Vulnerabilities | 2024-10-17 |
| Splunk RCE PDFgen Render | Splunk | Exploitation of Remote Services | TTP | Splunk Vulnerabilities | 2024-10-16 |
| Splunk RCE via External Lookup Copybuckets | Splunk | Exploitation of Remote Services | Hunting | Splunk Vulnerabilities | 2024-10-17 |
| Splunk RCE via Serialized Session Payload | Splunk | Exploit Public-Facing Application | Hunting | Splunk Vulnerabilities | 2024-10-17 |
| Splunk RCE via Splunk Secure Gateway Splunk Mobile alerts feature | Splunk | Exploitation of Remote Services | Hunting | Splunk Vulnerabilities | 2024-10-17 |
| Splunk RCE via User XSLT | | Exploitation of Remote Services | Hunting | Splunk Vulnerabilities | 2024-10-17 |
| Splunk Reflected XSS in the templates lists radio | Splunk | Drive-by Compromise | Hunting | Splunk Vulnerabilities | 2024-10-17 |
| Splunk Reflected XSS on App Search Table Endpoint | Splunk | Drive-by Compromise | Hunting | Splunk Vulnerabilities | 2024-10-17 |
| Splunk risky Command Abuse disclosed february 2023 | Splunk | Abuse Elevation Control Mechanism, Indirect Command Execution | Hunting | Splunk Vulnerabilities | 2024-10-17 |
| Splunk Sensitive Information Disclosure in DEBUG Logging Channels | Splunk | Unsecured Credentials | Hunting | Splunk Vulnerabilities | 2024-10-17 |
| Splunk SG Information Disclosure for Low Privs User | Splunk | Account Discovery | Hunting | Splunk Vulnerabilities | 2024-10-17 |
| Splunk Stored XSS conf-web Settings on Premises | Splunk | Drive-by Compromise | Hunting | Splunk Vulnerabilities | 2024-10-17 |
| Splunk Stored XSS via Data Model objectName Field | Splunk | Drive-by Compromise | Hunting | Splunk Vulnerabilities | 2024-10-17 |
| Splunk Stored XSS via Specially Crafted Bulletin Message | Splunk | Drive-by Compromise | Hunting | Splunk Vulnerabilities | 2024-10-17 |
| Splunk Unauthenticated DoS via Null Pointer References | Splunk | Endpoint Denial of Service | Hunting | Splunk Vulnerabilities | 2024-10-17 |
| Splunk Unauthenticated Log Injection Web Service Log | Splunk | Exploit Public-Facing Application | Hunting | Splunk Vulnerabilities | 2024-10-17 |
| Splunk Unauthenticated Path Traversal Modules Messaging | Splunk | File and Directory Discovery | Hunting | Splunk Vulnerabilities | 2024-10-17 |
| Splunk Unauthorized Experimental Items Creation | Splunk | Drive-by Compromise | Hunting | Splunk Vulnerabilities | 2024-10-17 |
| Splunk Unauthorized Notification Input by User | Splunk | Abuse Elevation Control Mechanism | Hunting | Splunk Vulnerabilities | 2024-10-17 |
| Splunk unnecessary file extensions allowed by lookup table uploads | Splunk | Drive-by Compromise | TTP | Splunk Vulnerabilities | 2024-10-16 |
| Splunk User Enumeration Attempt | Splunk | Valid Accounts | TTP | Splunk Vulnerabilities | 2024-10-16 |
| Splunk XSS in Highlighted JSON Events | Splunk | Drive-by Compromise | Hunting | Splunk Vulnerabilities | 2024-10-17 |
| Splunk XSS in Monitoring Console | | Drive-by Compromise | TTP | Splunk Vulnerabilities | 2024-10-17 |
| Splunk XSS in Save table dialog header in search page | Splunk | Drive-by Compromise | Hunting | Splunk Vulnerabilities | 2024-10-17 |
| Splunk XSS Privilege Escalation via Custom Urls in Dashboard | Splunk | Drive-by Compromise | Hunting | Splunk Vulnerabilities | 2024-10-17 |
| Splunk XSS Via External Urls in Dashboards SSRF | Splunk | Drive-by Compromise | Hunting | Splunk Vulnerabilities | 2024-10-17 |
| Splunk XSS via View | Splunk | Drive-by Compromise | Hunting | Splunk Vulnerabilities | 2024-10-17 |
| Open Redirect in Splunk Web | | N/A | TTP | Splunk Vulnerabilities | 2024-10-17 |
| Splunk Enterprise Information Disclosure | | N/A | TTP | Splunk Vulnerabilities | 2024-10-17 |
| Splunk Identified SSL TLS Certificates | Splunk Stream TCP | Network Sniffing | Hunting | Splunk Vulnerabilities | 2024-10-17 |
| Java Class File download by Java User Agent | Splunk Stream HTTP | Exploit Public-Facing Application | TTP | Log4Shell CVE-2021-44228 | 2024-10-16 |
| Multiple Archive Files Http Post Traffic | Splunk Stream HTTP | Exfiltration Over Unencrypted Non-C2 Protocol, Exfiltration Over Alternative Protocol | TTP | Command And Control, Data Exfiltration | 2024-09-30 |
| Plain HTTP POST Exfiltrated Data | Splunk Stream HTTP | Exfiltration Over Unencrypted Non-C2 Protocol, Exfiltration Over Alternative Protocol | TTP | Command And Control, Data Exfiltration | 2024-09-30 |
| Web Spring4Shell HTTP Request Class Module | Splunk Stream HTTP | Exploit Public-Facing Application, External Remote Services | TTP | Spring4Shell CVE-2022-22965 | 2024-09-30 |
| Web Spring Cloud Function FunctionRouter | Splunk Stream HTTP | Exploit Public-Facing Application, External Remote Services | TTP | Spring4Shell CVE-2022-22965 | 2024-09-30 |