[UPDATE] [medium] Splunk Splunk Enterprise: Multiple vulnerabilities in third-party components
An attacker can exploit multiple vulnerabilities in Splunk Splunk Enterprise in various third-party components to carry out an unspecified attack.
CSIRTS triage
- What
- An attacker can exploit multiple vulnerabilities in Splunk Splunk Enterprise in various third-party components to carry out an unspecified attack.
- Who is affected
- Deployments of Splunk Splunk Enterprise.
- Urgency
- Remediation is medium urgency due to the unspecified nature of the attacks.
- Action
- Monitor for updates and apply patches when available.
AI-assisted analysis generated from the source advisory — verify against the original.
⚡ Watch Splunk Enterprise
Get an email when a new Splunk Enterprise advisory drops — max one per day, one-click unsubscribe.
Details
Original advisory: https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1350
Exploitation outlook
EPSS (FIRST.org) estimates each CVE’s probability of exploitation in the next 30 days — here is the CSIRTS.com read on those numbers.
- Moderate exploitation riskCVE-2017-160424.4% 30-day exploitation probability. Patch within normal cadence, watch for KEV listing. Riskier than 90% of all scored CVEs.
- Exploitation likely imminentCVE-2018-25032EPSS puts this in the most-targeted tier (51.7% 30-day exploitation probability). Prioritize alongside KEV items. Riskier than 99% of all scored CVEs.
- Moderate exploitation riskCVE-2019-107445.0% 30-day exploitation probability. Patch within normal cadence, watch for KEV listing. Riskier than 91% of all scored CVEs.
- Moderate exploitation riskCVE-2019-107463.5% 30-day exploitation probability. Patch within normal cadence, watch for KEV listing. Riskier than 88% of all scored CVEs.
- Moderate exploitation riskCVE-2019-201492.3% 30-day exploitation probability. Patch within normal cadence, watch for KEV listing. Riskier than 81% of all scored CVEs.
- Moderate exploitation riskCVE-2020-138222.6% 30-day exploitation probability. Patch within normal cadence, watch for KEV listing. Riskier than 84% of all scored CVEs.
- Moderate exploitation riskCVE-2020-151382.0% 30-day exploitation probability. Patch within normal cadence, watch for KEV listing. Riskier than 79% of all scored CVEs.
- Moderate exploitation riskCVE-2020-284694.5% 30-day exploitation probability. Patch within normal cadence, watch for KEV listing. Riskier than 90% of all scored CVEs.
- Moderate exploitation riskCVE-2020-76623.0% 30-day exploitation probability. Patch within normal cadence, watch for KEV listing. Riskier than 86% of all scored CVEs.
- Moderate exploitation riskCVE-2020-77533.7% 30-day exploitation probability. Patch within normal cadence, watch for KEV listing. Riskier than 89% of all scored CVEs.
Referenced CVEs
+12 more CVEs referenced in this advisory.
Same CVEs, other sources
How other CERTs, PSIRTs and databases cover the vulnerabilities in this advisory.
Recent advisories for Splunk Splunk Enterprise
A cluster of recent advisories against the same product widens the attack surface — attackers routinely chain freshly published CVEs on one product, so review these together.
- high[UPDATE] [high] Splunk Splunk Enterprise: Multiple vulnerabilitiescert-bund · 2026-07-10
- high[UPDATE] [high] Splunk Splunk Enterprise: Multiple vulnerabilitiescert-bund · 2026-07-03
- unknownexploitedNCSC-2026-0198 [1.01] [M/H] Vulnerabilities fixed in Splunk Enterprise and Splunk Cloud Platformncsc-nl · 2026-06-19
- criticalexploitedCVE-2026-20253: Splunk Enterprise Missing Authentication for Critical Function Vulnerabilitycisa-kev · 2026-06-18
More from CERT-Bund (BSI) Security Advisories
- medium[NEW] [medium] DENX U-Boot: Multiple vulnerabilities allow execution of arbitrary code and DoS2026-07-10
- medium[NEW] [medium] Samsung Android: Multiple vulnerabilities2026-07-10
- medium[UPDATE] [medium] Linux Kernel: Multiple vulnerabilities allow denial of service2026-07-10
- medium[UPDATE] [medium] Linux Kernel: Multiple vulnerabilities allow unspecified attack2026-07-10
- medium[UPDATE] [medium] Linux Kernel: Multiple vulnerabilities allow denial of service2026-07-10