Multiple Vulnerabilities in Splunk Enterprise and Cloud Expose Data to Exfiltration

Multiple Vulnerabilities in Splunk Enterprise and Cloud Expose Data to Exfiltration

1h ago advisory.splunk.com 80% similarity 72.6
Share:

Article Content

Browse articles
ThreatCluster

Splunk has disclosed several vulnerabilities affecting its Enterprise and Cloud platforms, specifically versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13. These vulnerabilities allow low-privileged users to exfiltrate sensitive data through crafted classic dashboards and other methods. Attack vectors include CSS injection, protocol-relative URLs, and flawed URL validation, enabling unauthorized access to external domains. The vulnerabilities have been rated with severity scores ranging from 5.7 (Medium) to 9.8 (Critical). Users are advised to upgrade to the latest versions and restrict dashboard permissions to mitigate risks. Splunk is actively monitoring and patching affected instances. The vulnerabilities impact organizations using Splunk for data analysis and monitoring.

Key Points: • Splunk vulnerabilities allow low-privileged users to exfiltrate data via crafted dashboards. • Affected versions include Splunk Enterprise below 10.2.4 and Splunk Cloud below 10.4.2604.3. • Splunk rates the most severe vulnerability at 9.8, indicating critical risk.

ThreatCluster AI

Timeline

2026-06-12
Splunk vulnerabilities disclosed
Splunk announced multiple vulnerabilities affecting various versions of its Enterprise and Cloud platforms, enabling data exfiltration.
advisory.splunk.com
2026-06-12
Vulnerability SVD-2026-0602 rated critical
This vulnerability allows server-side requests to arbitrary internal destinations, rated 9.8 (Critical).
advisory.splunk.com
2026-06-12
Vulnerability SVD-2026-0604 rated medium
This vulnerability enables data exfiltration via CSS injection, rated 5.7 (Medium).
advisory.splunk.com
2026-06-12
Vulnerability SVD-2026-0606 disclosed
This vulnerability allows redirection to external sites using protocol-relative URLs, rated 5.7 (Medium).
advisory.splunk.com
2026-06-12
Vulnerability SVD-2026-0605 disclosed
This vulnerability allows data exfiltration through incomplete URL validation, rated 5.7 (Medium).
advisory.splunk.com
2026-06-12
Vulnerability SVD-2026-0603 disclosed
This vulnerability allows unauthenticated users to create or truncate files, rated 9.8 (Critical).
advisory.splunk.com

Extracted Entities

1 / 2

Community

Browse all →