Refine your search
15 vulnerabilities found for by splunk
CVE-2025-20388 (GCVE-0-2025-20388)
Vulnerability from cvelistv5
Published
2025-12-03 17:00
Modified
2025-12-03 18:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-918 - The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.
Summary
In Splunk Enterprise versions below 10.0.1, 9.4.6, 9.3.8, and 9.2.10, and Splunk Cloud Platform versions below 10.1.2507.4, 10.0.2503.7, and 9.3.2411.116, a user who holds a role that contains the high privilege capability `change_authentication` could enumerate internal IP addresses and network ports when adding new search peers to a Splunk search head in a distributed environment.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Splunk | Splunk Enterprise |
Version: 10.0 < 10.0.1 Version: 9.4 < 9.4.6 Version: 9.3 < 9.3.8 Version: 9.2 < 9.2.10 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20388",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-03T18:12:35.294523Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-03T18:14:46.236Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Splunk Enterprise",
"vendor": "Splunk",
"versions": [
{
"lessThan": "10.0.1",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"lessThan": "9.4.6",
"status": "affected",
"version": "9.4",
"versionType": "custom"
},
{
"lessThan": "9.3.8",
"status": "affected",
"version": "9.3",
"versionType": "custom"
},
{
"lessThan": "9.2.10",
"status": "affected",
"version": "9.2",
"versionType": "custom"
}
]
},
{
"product": "Splunk Cloud Platform",
"vendor": "Splunk",
"versions": [
{
"lessThan": "10.1.2507.4",
"status": "affected",
"version": "10.1.2507",
"versionType": "custom"
},
{
"lessThan": "10.0.2503.6",
"status": "affected",
"version": "10.0.2503",
"versionType": "custom"
},
{
"lessThan": "9.3.2411.116",
"status": "affected",
"version": "9.3.2411",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Mr Hack (try_to_hack) Santiago Lopez"
}
],
"datePublic": "2025-12-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Splunk Enterprise versions below 10.0.1, 9.4.6, 9.3.8, and 9.2.10, and Splunk Cloud Platform versions below 10.1.2507.4, 10.0.2503.7, and 9.3.2411.116, a user who holds a role that contains the high privilege capability `change_authentication` could enumerate internal IP addresses and network ports when adding new search peers to a Splunk search head in a distributed environment."
}
],
"value": "In Splunk Enterprise versions below 10.0.1, 9.4.6, 9.3.8, and 9.2.10, and Splunk Cloud Platform versions below 10.1.2507.4, 10.0.2503.7, and 9.3.2411.116, a user who holds a role that contains the high privilege capability `change_authentication` could enumerate internal IP addresses and network ports when adding new search peers to a Splunk search head in a distributed environment."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 2.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-03T17:00:59.450Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"url": "https://advisory.splunk.com/advisories/SVD-2025-1207"
}
],
"source": {
"advisory": "SVD-2025-1207"
},
"title": "Blind Server Side Request Forgery (SSRF) through Distributed Search Peers in Splunk Enterprise"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20388",
"datePublished": "2025-12-03T17:00:59.450Z",
"dateReserved": "2024-10-10T19:15:13.265Z",
"dateUpdated": "2025-12-03T18:14:46.236Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20389 (GCVE-0-2025-20389)
Vulnerability from cvelistv5
Published
2025-12-03 17:00
Modified
2025-12-03 21:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-20 - The product does not validate or incorrectly validates input that can affect the control flow or data flow of a program.
Summary
In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and versions below 3.9.10, 3.8.58 and 3.7.28 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a malicious payload through the `label` column field after adding a new device in the Splunk Secure Gateway app. This could potentially lead to a client-side denial of service (DoS).
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Splunk | Splunk Enterprise |
Version: 10.0 < 10.0.2 Version: 9.4 < 9.4.6 Version: 9.3 < 9.3.8 Version: 9.2 < 9.2.10 |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20389",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-03T21:36:48.311013Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-03T21:37:01.207Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Splunk Enterprise",
"vendor": "Splunk",
"versions": [
{
"lessThan": "10.0.2",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"lessThan": "9.4.6",
"status": "affected",
"version": "9.4",
"versionType": "custom"
},
{
"lessThan": "9.3.8",
"status": "affected",
"version": "9.3",
"versionType": "custom"
},
{
"lessThan": "9.2.10",
"status": "affected",
"version": "9.2",
"versionType": "custom"
}
]
},
{
"product": "Splunk Cloud Platform",
"vendor": "Splunk",
"versions": [
{
"lessThan": "10.1.2507.6",
"status": "affected",
"version": "10.1.2507",
"versionType": "custom"
},
{
"lessThan": "10.0.2503.8",
"status": "affected",
"version": "10.0.2503",
"versionType": "custom"
},
{
"lessThan": "9.3.2411.120",
"status": "affected",
"version": "9.3.2411",
"versionType": "custom"
}
]
},
{
"product": "Splunk Secure Gateway",
"vendor": "Splunk",
"versions": [
{
"lessThan": "3.9.10",
"status": "affected",
"version": "3.9",
"versionType": "custom"
},
{
"lessThan": "3.8.58",
"status": "affected",
"version": "3.8",
"versionType": "custom"
},
{
"lessThan": "3.7.28",
"status": "affected",
"version": "3.7",
"versionType": "custom"
}
]
}
],
"datePublic": "2025-12-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and versions below 3.9.10, 3.8.58 and 3.7.28 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user that does not hold the \"admin\" or \"power\" Splunk roles could craft a malicious payload through the `label` column field after adding a new device in the Splunk Secure Gateway app. This could potentially lead to a client-side denial of service (DoS)."
}
],
"value": "In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and versions below 3.9.10, 3.8.58 and 3.7.28 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user that does not hold the \"admin\" or \"power\" Splunk roles could craft a malicious payload through the `label` column field after adding a new device in the Splunk Secure Gateway app. This could potentially lead to a client-side denial of service (DoS)."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "The product does not validate or incorrectly validates input that can affect the control flow or data flow of a program.",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-03T17:00:55.364Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"url": "https://advisory.splunk.com/advisories/SVD-2025-1208"
}
],
"source": {
"advisory": "SVD-2025-1208"
},
"title": "Improper Input Validation in \"label\" column field in Splunk Secure Gateway App"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20389",
"datePublished": "2025-12-03T17:00:55.364Z",
"dateReserved": "2024-10-10T19:15:13.266Z",
"dateUpdated": "2025-12-03T21:37:01.207Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20387 (GCVE-0-2025-20387)
Vulnerability from cvelistv5
Published
2025-12-03 17:00
Modified
2025-12-04 04:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-732 - The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.
Summary
In Splunk Universal Forwarder for Windows versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, a new installation of or an upgrade to an affected version can result in incorrect permissions assignment in the Universal Forwarder for Windows Installation directory. This lets non-administrator users on the machine access the directory and all its contents.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Splunk | Splunk Enterprise |
Version: 10.0 < 10.0.2 Version: 9.4 < 9.4.6 Version: 9.3 < 9.3.8 Version: 9.2 < 9.2.10 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20387",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-03T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-04T04:55:18.275Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Splunk Enterprise",
"vendor": "Splunk",
"versions": [
{
"lessThan": "10.0.2",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"lessThan": "9.4.6",
"status": "affected",
"version": "9.4",
"versionType": "custom"
},
{
"lessThan": "9.3.8",
"status": "affected",
"version": "9.3",
"versionType": "custom"
},
{
"lessThan": "9.2.10",
"status": "affected",
"version": "9.2",
"versionType": "custom"
}
]
}
],
"datePublic": "2025-12-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Splunk Universal Forwarder for Windows versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, a new installation of or an upgrade to an affected version can result in incorrect permissions assignment in the Universal Forwarder for Windows Installation directory. This lets non-administrator users on the machine access the directory and all its contents."
}
],
"value": "In Splunk Universal Forwarder for Windows versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, a new installation of or an upgrade to an affected version can result in incorrect permissions assignment in the Universal Forwarder for Windows Installation directory. This lets non-administrator users on the machine access the directory and all its contents."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-732",
"description": "The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-03T17:00:51.451Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"url": "https://advisory.splunk.com/advisories/SVD-2025-1206"
}
],
"source": {
"advisory": "SVD-2025-1206"
},
"title": "Incorrect permissions assignment on Splunk Universal Forwarder for Windows during new installation or upgrade"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20387",
"datePublished": "2025-12-03T17:00:51.451Z",
"dateReserved": "2024-10-10T19:15:13.265Z",
"dateUpdated": "2025-12-04T04:55:18.275Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20383 (GCVE-0-2025-20383)
Vulnerability from cvelistv5
Published
2025-12-03 17:00
Modified
2025-12-03 21:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-200 - The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
Summary
In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and below 3.9.10, 3.8.58, and 3.7.28 of Splunk Secure Gateway app in Splunk Cloud Platform, a low-privileged user that does not hold the "admin" or "power" Splunk roles and subscribes to mobile push notifications could receive notifications that disclose the title and description of the report or alert even if they do not have access to view the report or alert.
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Splunk | Splunk Enterprise |
Version: 10.0 < 10.0.2 Version: 9.4 < 9.4.6 Version: 9.3 < 9.3.8 Version: 9.2 < 9.2.10 |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20383",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-03T21:33:01.823595Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-03T21:33:17.908Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Splunk Enterprise",
"vendor": "Splunk",
"versions": [
{
"lessThan": "10.0.2",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"lessThan": "9.4.6",
"status": "affected",
"version": "9.4",
"versionType": "custom"
},
{
"lessThan": "9.3.8",
"status": "affected",
"version": "9.3",
"versionType": "custom"
},
{
"lessThan": "9.2.10",
"status": "affected",
"version": "9.2",
"versionType": "custom"
}
]
},
{
"product": "Splunk Cloud Platform",
"vendor": "Splunk",
"versions": [
{
"lessThan": "10.1.2507.6",
"status": "affected",
"version": "10.1.2507",
"versionType": "custom"
},
{
"lessThan": "10.0.2503.8",
"status": "affected",
"version": "10.0.2503",
"versionType": "custom"
},
{
"lessThan": "9.3.2411.120",
"status": "affected",
"version": "9.3.2411",
"versionType": "custom"
}
]
},
{
"product": "Splunk Secure Gateway",
"vendor": "Splunk",
"versions": [
{
"lessThan": "3.9.10",
"status": "affected",
"version": "3.9",
"versionType": "custom"
},
{
"lessThan": "3.8.58",
"status": "affected",
"version": "3.8",
"versionType": "custom"
},
{
"lessThan": "3.7.28",
"status": "affected",
"version": "3.7",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Anton (therceman)"
}
],
"datePublic": "2025-12-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and below 3.9.10, 3.8.58, and 3.7.28 of Splunk Secure Gateway app in Splunk Cloud Platform, a low-privileged user that does not hold the \"admin\" or \"power\" Splunk roles and subscribes to mobile push notifications could receive notifications that disclose the title and description of the report or alert even if they do not have access to view the report or alert."
}
],
"value": "In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and below 3.9.10, 3.8.58, and 3.7.28 of Splunk Secure Gateway app in Splunk Cloud Platform, a low-privileged user that does not hold the \"admin\" or \"power\" Splunk roles and subscribes to mobile push notifications could receive notifications that disclose the title and description of the report or alert even if they do not have access to view the report or alert."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-03T17:00:36.414Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"url": "https://advisory.splunk.com/advisories/SVD-2025-1202"
}
],
"source": {
"advisory": "SVD-2025-1202"
},
"title": "Improper access control through push notifications for reports and alerts in Splunk Secure Gateway app"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20383",
"datePublished": "2025-12-03T17:00:36.414Z",
"dateReserved": "2024-10-10T19:15:13.264Z",
"dateUpdated": "2025-12-03T21:33:17.908Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20384 (GCVE-0-2025-20384)
Vulnerability from cvelistv5
Published
2025-12-03 17:00
Modified
2025-12-03 21:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-117 - The software does not neutralize or incorrectly neutralizes output that is written to logs.
Summary
In Splunk Enterprise versions below 10.0.1, 9.4.6, 9.3.8, and 9.2.10, and Splunk Cloud Platform versions below 10.1.2507.4, 10.0.2503.6, and 9.3.2411.117.125, an unauthenticated attacker can inject American National Standards Institute (ANSI) escape codes into Splunk log files due to improper validation at the /en-US/static/ web endpoint. This may allow them to poison, forge, or obfuscate sensitive log data through specially crafted HTTP requests, potentially impacting log integrity and detection capabilities.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Splunk | Splunk Enterprise |
Version: 10.0 < 10.0.1 Version: 9.4 < 9.4.6 Version: 9.3 < 9.3.8 Version: 9.2 < 9.2.10 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20384",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-03T21:32:13.797275Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-03T21:32:24.714Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Splunk Enterprise",
"vendor": "Splunk",
"versions": [
{
"lessThan": "10.0.1",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"lessThan": "9.4.6",
"status": "affected",
"version": "9.4",
"versionType": "custom"
},
{
"lessThan": "9.3.8",
"status": "affected",
"version": "9.3",
"versionType": "custom"
},
{
"lessThan": "9.2.10",
"status": "affected",
"version": "9.2",
"versionType": "custom"
}
]
},
{
"product": "Splunk Cloud Platform",
"vendor": "Splunk",
"versions": [
{
"lessThan": "10.1.2507.4",
"status": "affected",
"version": "10.1.2507",
"versionType": "custom"
},
{
"lessThan": "10.0.2503.6",
"status": "affected",
"version": "10.0.2503",
"versionType": "custom"
},
{
"lessThan": "9.3.2411.117",
"status": "affected",
"version": "9.3.2411",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "ST\u00d6K / Fredrik Alexandersson"
}
],
"datePublic": "2025-12-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Splunk Enterprise versions below 10.0.1, 9.4.6, 9.3.8, and 9.2.10, and Splunk Cloud Platform versions below 10.1.2507.4, 10.0.2503.6, and 9.3.2411.117.125, an unauthenticated attacker can inject American National Standards Institute (ANSI) escape codes into Splunk log files due to improper validation at the /en-US/static/ web endpoint. This may allow them to poison, forge, or obfuscate sensitive log data through specially crafted HTTP requests, potentially impacting log integrity and detection capabilities."
}
],
"value": "In Splunk Enterprise versions below 10.0.1, 9.4.6, 9.3.8, and 9.2.10, and Splunk Cloud Platform versions below 10.1.2507.4, 10.0.2503.6, and 9.3.2411.117.125, an unauthenticated attacker can inject American National Standards Institute (ANSI) escape codes into Splunk log files due to improper validation at the /en-US/static/ web endpoint. This may allow them to poison, forge, or obfuscate sensitive log data through specially crafted HTTP requests, potentially impacting log integrity and detection capabilities."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-117",
"description": "The software does not neutralize or incorrectly neutralizes output that is written to logs.",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-03T17:00:34.212Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"url": "https://advisory.splunk.com/advisories/SVD-2025-1203"
}
],
"source": {
"advisory": "SVD-2025-1203"
},
"title": "Unauthenticated Log Injection in Splunk Enterprise"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20384",
"datePublished": "2025-12-03T17:00:34.212Z",
"dateReserved": "2024-10-10T19:15:13.264Z",
"dateUpdated": "2025-12-03T21:32:24.714Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20386 (GCVE-0-2025-20386)
Vulnerability from cvelistv5
Published
2025-12-03 17:00
Modified
2025-12-04 04:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-732 - The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.
Summary
In Splunk Enterprise for Windows versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, a new installation of or an upgrade to an affected version can result in incorrect permissions assignment in the Splunk Enterprise for Windows Installation directory. This lets non-administrator users on the machine access the directory and all its contents.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Splunk | Splunk Enterprise |
Version: 10.0 < 10.0.2 Version: 9.4 < 9.4.6 Version: 9.3 < 9.3.8 Version: 9.2 < 9.2.10 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20386",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-03T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-04T04:55:14.824Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Splunk Enterprise",
"vendor": "Splunk",
"versions": [
{
"lessThan": "10.0.2",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"lessThan": "9.4.6",
"status": "affected",
"version": "9.4",
"versionType": "custom"
},
{
"lessThan": "9.3.8",
"status": "affected",
"version": "9.3",
"versionType": "custom"
},
{
"lessThan": "9.2.10",
"status": "affected",
"version": "9.2",
"versionType": "custom"
}
]
}
],
"datePublic": "2025-12-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Splunk Enterprise for Windows versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, a new installation of or an upgrade to an affected version can result in incorrect permissions assignment in the Splunk Enterprise for Windows Installation directory. This lets non-administrator users on the machine access the directory and all its contents."
}
],
"value": "In Splunk Enterprise for Windows versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, a new installation of or an upgrade to an affected version can result in incorrect permissions assignment in the Splunk Enterprise for Windows Installation directory. This lets non-administrator users on the machine access the directory and all its contents."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-732",
"description": "The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-03T17:00:31.753Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"url": "https://advisory.splunk.com/advisories/SVD-2025-1205"
}
],
"source": {
"advisory": "SVD-2025-1205"
},
"title": "Incorrect permission assignment on Splunk Enterprise for Windows during new installation or upgrade"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20386",
"datePublished": "2025-12-03T17:00:31.753Z",
"dateReserved": "2024-10-10T19:15:13.265Z",
"dateUpdated": "2025-12-04T04:55:14.824Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20385 (GCVE-0-2025-20385)
Vulnerability from cvelistv5
Published
2025-12-03 17:00
Modified
2025-12-03 21:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
Summary
In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and Splunk Cloud Platform versions below 10.1.2507.6, 10.0.2503.7, and 9.3.2411.117, a user who holds a role with a high privilege capability `admin_all_objects` could craft a malicious payload through the href attribute of an anchor tag within a collection in the navigation bar, which could result in execution of unauthorized JavaScript code in the browser of a user.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Splunk | Splunk Enterprise |
Version: 10.0 < 10.0.2 Version: 9.4 < 9.4.6 Version: 9.3 < 9.3.8 Version: 9.2 < 9.2.10 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20385",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-03T21:30:29.194337Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-03T21:30:42.532Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Splunk Enterprise",
"vendor": "Splunk",
"versions": [
{
"lessThan": "10.0.2",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"lessThan": "9.4.6",
"status": "affected",
"version": "9.4",
"versionType": "custom"
},
{
"lessThan": "9.3.8",
"status": "affected",
"version": "9.3",
"versionType": "custom"
},
{
"lessThan": "9.2.10",
"status": "affected",
"version": "9.2",
"versionType": "custom"
}
]
},
{
"product": "Splunk Cloud Platform",
"vendor": "Splunk",
"versions": [
{
"lessThan": "10.1.2507.6",
"status": "affected",
"version": "10.1.2507",
"versionType": "custom"
},
{
"lessThan": "10.0.2503.7",
"status": "affected",
"version": "10.0.2503",
"versionType": "custom"
},
{
"lessThan": "9.3.2411.117",
"status": "affected",
"version": "9.3.2411",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Dr. Oliver Matula, DB Systel GmbH"
}
],
"datePublic": "2025-12-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and Splunk Cloud Platform versions below 10.1.2507.6, 10.0.2503.7, and 9.3.2411.117, a user who holds a role with a high privilege capability `admin_all_objects` could craft a malicious payload through the href attribute of an anchor tag within a collection in the navigation bar, which could result in execution of unauthorized JavaScript code in the browser of a user."
}
],
"value": "In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and Splunk Cloud Platform versions below 10.1.2507.6, 10.0.2503.7, and 9.3.2411.117, a user who holds a role with a high privilege capability `admin_all_objects` could craft a malicious payload through the href attribute of an anchor tag within a collection in the navigation bar, which could result in execution of unauthorized JavaScript code in the browser of a user."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 2.4,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-03T17:00:29.826Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"url": "https://advisory.splunk.com/advisories/SVD-2025-1204"
}
],
"source": {
"advisory": "SVD-2025-1204"
},
"title": "Stored Cross-Site scripting (XSS) through Anchor Tag \"href\" in Navigation Bar Collections in Splunk Enterprise"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20385",
"datePublished": "2025-12-03T17:00:29.826Z",
"dateReserved": "2024-10-10T19:15:13.265Z",
"dateUpdated": "2025-12-03T21:30:42.532Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20381 (GCVE-0-2025-20381)
Vulnerability from cvelistv5
Published
2025-12-03 17:00
Modified
2025-12-03 21:29
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-863 - The software performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions.
Summary
In Splunk MCP Server app versions below 0.2.4, a user with access to the "run_splunk_query" Model Context Protocol (MCP) tool could bypass the SPL command allowlist controls in MCP by embedding SPL commands as sub-searches, leading to unauthorized actions beyond the intended MCP restrictions.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Splunk | Splunk MCP Server |
Version: 0.2 < 0.2.4 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20381",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-03T21:29:38.813869Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-03T21:29:51.839Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Splunk MCP Server",
"vendor": "Splunk",
"versions": [
{
"lessThan": "0.2.4",
"status": "affected",
"version": "0.2",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Saket Pandey, Splunk"
}
],
"datePublic": "2025-12-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Splunk MCP Server app versions below 0.2.4, a user with access to the \"run_splunk_query\" Model Context Protocol (MCP) tool could bypass the SPL command allowlist controls in MCP by embedding SPL commands as sub-searches, leading to unauthorized actions beyond the intended MCP restrictions."
}
],
"value": "In Splunk MCP Server app versions below 0.2.4, a user with access to the \"run_splunk_query\" Model Context Protocol (MCP) tool could bypass the SPL command allowlist controls in MCP by embedding SPL commands as sub-searches, leading to unauthorized actions beyond the intended MCP restrictions."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "The software performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions.",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-03T17:00:25.945Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"url": "https://advisory.splunk.com/advisories/SVD-2025-1210"
}
],
"source": {
"advisory": "SVD-2025-1210"
},
"title": "SPL commands allowlist controls bypass in Splunk MCP Server app through \"run_splunk_query\" MCP tool"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20381",
"datePublished": "2025-12-03T17:00:25.945Z",
"dateReserved": "2024-10-10T19:15:13.263Z",
"dateUpdated": "2025-12-03T21:29:51.839Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20382 (GCVE-0-2025-20382)
Vulnerability from cvelistv5
Published
2025-12-03 17:00
Modified
2025-12-03 21:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-601 - A web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a Redirect. This simplifies phishing attacks.
Summary
In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and Splunk Cloud Platform versions below 10.1.2507.10, 10.0.2503.8, and 9.3.2411.120, a low-privileged user that does not hold the "admin" or "power" Splunk roles could create a views dashboard with a custom background using the `data:image/png;base64` protocol that could potentially lead to an unvalidated redirect. This behavior circumvents the Splunk external URL warning mechanism by using a specially crafted URL, allowing for a redirection to an external malicious site. The vulnerability requires the attacker to phish the victim by tricking them into initiating a request within their browser. The authenticated user should not be able to exploit the vulnerability at will.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Splunk | Splunk Enterprise |
Version: 10.0 < 10.0.2 Version: 9.4 < 9.4.6 Version: 9.3 < 9.3.8 Version: 9.2 < 9.2.10 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20382",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-03T21:28:22.162687Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-03T21:28:38.682Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Splunk Enterprise",
"vendor": "Splunk",
"versions": [
{
"lessThan": "10.0.2",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"lessThan": "9.4.6",
"status": "affected",
"version": "9.4",
"versionType": "custom"
},
{
"lessThan": "9.3.8",
"status": "affected",
"version": "9.3",
"versionType": "custom"
},
{
"lessThan": "9.2.10",
"status": "affected",
"version": "9.2",
"versionType": "custom"
}
]
},
{
"product": "Splunk Cloud Platform",
"vendor": "Splunk",
"versions": [
{
"lessThan": "10.1.2507.10",
"status": "affected",
"version": "10.1.2507",
"versionType": "custom"
},
{
"lessThan": "10.0.2503.8",
"status": "affected",
"version": "10.0.2503",
"versionType": "custom"
},
{
"lessThan": "9.3.2411.120",
"status": "affected",
"version": "9.3.2411",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Anton (therceman)"
}
],
"datePublic": "2025-12-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and Splunk Cloud Platform versions below 10.1.2507.10, 10.0.2503.8, and 9.3.2411.120, a low-privileged user that does not hold the \"admin\" or \"power\" Splunk roles could create a views dashboard with a custom background using the `data:image/png;base64` protocol that could potentially lead to an unvalidated redirect. This behavior circumvents the Splunk external URL warning mechanism by using a specially crafted URL, allowing for a redirection to an external malicious site. The vulnerability requires the attacker to phish the victim by tricking them into initiating a request within their browser. The authenticated user should not be able to exploit the vulnerability at will."
}
],
"value": "In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and Splunk Cloud Platform versions below 10.1.2507.10, 10.0.2503.8, and 9.3.2411.120, a low-privileged user that does not hold the \"admin\" or \"power\" Splunk roles could create a views dashboard with a custom background using the `data:image/png;base64` protocol that could potentially lead to an unvalidated redirect. This behavior circumvents the Splunk external URL warning mechanism by using a specially crafted URL, allowing for a redirection to an external malicious site. The vulnerability requires the attacker to phish the victim by tricking them into initiating a request within their browser. The authenticated user should not be able to exploit the vulnerability at will."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-601",
"description": "A web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a Redirect. This simplifies phishing attacks.",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-03T17:00:21.824Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"url": "https://advisory.splunk.com/advisories/SVD-2025-1201"
}
],
"source": {
"advisory": "SVD-2025-1201"
},
"title": "URL validation bypass through Views Dashboard in Splunk Enterprise"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20382",
"datePublished": "2025-12-03T17:00:21.824Z",
"dateReserved": "2024-10-10T19:15:13.264Z",
"dateUpdated": "2025-12-03T21:28:38.682Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20373 (GCVE-0-2025-20373)
Vulnerability from cvelistv5
Published
2025-11-26 17:59
Modified
2025-11-26 18:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-532 - Information written to log files can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information.
Summary
In Splunk Add-on for Palo Alto Networks versions below 2.0.2, the add-on exposes client secrets in plain text in the _internal index during the addition of new “Data Security Accounts“. The vulnerability would require either local access to the log files or administrative access to internal indexes, which by default only the admin role receives. Review roles and capabilities on your instance and restrict internal index access to administrator-level roles. See [Define roles on the Splunk platform with capabilities](https://docs.splunk.com/Documentation/Splunk/latest/Security/Rolesandcapabilities) in the Splunk documentation for more information.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Splunk | Splunk Add-on for Palo Alto Networks |
Version: 2.0 < 2.0.2 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20373",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-26T18:28:36.055461Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-26T18:28:46.500Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Splunk Add-on for Palo Alto Networks",
"vendor": "Splunk",
"versions": [
{
"lessThan": "2.0.2",
"status": "affected",
"version": "2.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Vignesh Subramanian, Splunk"
}
],
"datePublic": "2025-11-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Splunk Add-on for Palo Alto Networks versions below 2.0.2, the add-on exposes client secrets in plain text in the _internal index during the addition of new \u201cData Security Accounts\u201c. The vulnerability would require either local access to the log files or administrative access to internal indexes, which by default only the admin role receives. Review roles and capabilities on your instance and restrict internal index access to administrator-level roles. See [Define roles on the Splunk platform with capabilities](https://docs.splunk.com/Documentation/Splunk/latest/Security/Rolesandcapabilities) in the Splunk documentation for more information."
}
],
"value": "In Splunk Add-on for Palo Alto Networks versions below 2.0.2, the add-on exposes client secrets in plain text in the _internal index during the addition of new \u201cData Security Accounts\u201c. The vulnerability would require either local access to the log files or administrative access to internal indexes, which by default only the admin role receives. Review roles and capabilities on your instance and restrict internal index access to administrator-level roles. See [Define roles on the Splunk platform with capabilities](https://docs.splunk.com/Documentation/Splunk/latest/Security/Rolesandcapabilities) in the Splunk documentation for more information."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 2.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "Information written to log files can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information.",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-26T17:59:06.210Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"url": "https://advisory.splunk.com/advisories/SVD-2025-1105"
}
],
"source": {
"advisory": "SVD-2025-1105"
},
"title": "Sensitive Information Disclosure in \u201c_internal\u201c index through Splunk Add-On for Palo Alto Networks"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20373",
"datePublished": "2025-11-26T17:59:06.210Z",
"dateReserved": "2024-10-10T19:15:13.262Z",
"dateUpdated": "2025-11-26T18:28:46.500Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20379 (GCVE-0-2025-20379)
Vulnerability from cvelistv5
Published
2025-11-12 17:23
Modified
2025-11-12 21:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-200 - The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
Summary
In Splunk Enterprise versions below 10.0.1, 9.4.5, 9.3.7, and 9.2.9 and Splunk Cloud Platform versions below 9.3.2411.116, 9.3.2408.124, 10.0.2503.5 and 10.1.2507.1, a low-privileged user that does not hold the “admin“ or “power“ Splunk roles could run a saved search with a risky command using the permissions of a higher-privileged user to bypass the SPL safeguards for risky commands. They could bypass these safeguards on the “/services/streams/search“ endpoint through its “q“ parameter by circumventing endpoint restrictions using character encoding in the REST path. The vulnerability requires the attacker to phish the victim by tricking them into initiating a request within their browser. The authenticated user should not be able to exploit the vulnerability at will.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Splunk | Splunk Enterprise |
Version: 10.0 < 10.0.1 Version: 9.4 < 9.4.5 Version: 9.3 < 9.3.7 Version: 9.2 < 9.2.9 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20379",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-12T20:47:25.092580Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-12T21:04:40.810Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Splunk Enterprise",
"vendor": "Splunk",
"versions": [
{
"lessThan": "10.0.1",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"lessThan": "9.4.5",
"status": "affected",
"version": "9.4",
"versionType": "custom"
},
{
"lessThan": "9.3.7",
"status": "affected",
"version": "9.3",
"versionType": "custom"
},
{
"lessThan": "9.2.9",
"status": "affected",
"version": "9.2",
"versionType": "custom"
}
]
},
{
"product": "Splunk Cloud Platform",
"vendor": "Splunk",
"versions": [
{
"lessThan": "9.3.2411.116",
"status": "affected",
"version": "9.3.2411",
"versionType": "custom"
},
{
"lessThan": "9.3.2408.124",
"status": "affected",
"version": "9.3.2408",
"versionType": "custom"
},
{
"lessThan": "10.0.2503.5",
"status": "affected",
"version": "10.0.2503",
"versionType": "custom"
},
{
"lessThan": "10.1.2507.1",
"status": "affected",
"version": "10.1.2507",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Anton (therceman)"
}
],
"datePublic": "2025-11-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Splunk Enterprise versions below 10.0.1, 9.4.5, 9.3.7, and 9.2.9 and Splunk Cloud Platform versions below 9.3.2411.116, 9.3.2408.124, 10.0.2503.5 and 10.1.2507.1, a low-privileged user that does not hold the \u201cadmin\u201c or \u201cpower\u201c Splunk roles could run a saved search with a risky command using the permissions of a higher-privileged user to bypass the SPL safeguards for risky commands. They could bypass these safeguards on the \u201c/services/streams/search\u201c endpoint through its \u201cq\u201c parameter by circumventing endpoint restrictions using character encoding in the REST path. The vulnerability requires the attacker to phish the victim by tricking them into initiating a request within their browser. The authenticated user should not be able to exploit the vulnerability at will."
}
],
"value": "In Splunk Enterprise versions below 10.0.1, 9.4.5, 9.3.7, and 9.2.9 and Splunk Cloud Platform versions below 9.3.2411.116, 9.3.2408.124, 10.0.2503.5 and 10.1.2507.1, a low-privileged user that does not hold the \u201cadmin\u201c or \u201cpower\u201c Splunk roles could run a saved search with a risky command using the permissions of a higher-privileged user to bypass the SPL safeguards for risky commands. They could bypass these safeguards on the \u201c/services/streams/search\u201c endpoint through its \u201cq\u201c parameter by circumventing endpoint restrictions using character encoding in the REST path. The vulnerability requires the attacker to phish the victim by tricking them into initiating a request within their browser. The authenticated user should not be able to exploit the vulnerability at will."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-12T17:23:00.819Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"url": "https://advisory.splunk.com/advisories/SVD-2025-1102"
}
],
"source": {
"advisory": "SVD-2025-1102"
},
"title": "Risky command safeguards bypass using the \u201c/services/streams/search\u201c REST endpoint through \u201cq\u201c parameter in Splunk Enterprise"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20379",
"datePublished": "2025-11-12T17:23:00.819Z",
"dateReserved": "2024-10-10T19:15:13.263Z",
"dateUpdated": "2025-11-12T21:04:40.810Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20378 (GCVE-0-2025-20378)
Vulnerability from cvelistv5
Published
2025-11-12 17:22
Modified
2025-11-12 21:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-601 - A web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a Redirect. This simplifies phishing attacks.
Summary
In Splunk Enterprise versions below 10.0.1, 9.4.5, 9.3.7, 9.2.9, and Splunk Cloud Platform versions below 10.0.2503.5, 9.3.2411.111, and 9.3.2408.121, an unauthenticated attacker could craft a malicious URL using the `return_to` parameter of the Splunk Web login endpoint. When an authenticated user visits the malicious URL, it could cause an unvalidated redirect to an external malicious site. To be successful, the attacker has to trick the victim into initiating a request from their browser. The unauthenticated attacker should not be able to exploit the vulnerability at will.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Splunk | Splunk Enterprise |
Version: 10.0 < 10.0.1 Version: 9.4 < 9.4.5 Version: 9.3 < 9.3.7 Version: 9.2 < 9.2.9 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20378",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-12T20:47:32.175559Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-12T21:04:48.103Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Splunk Enterprise",
"vendor": "Splunk",
"versions": [
{
"lessThan": "10.0.1",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"lessThan": "9.4.5",
"status": "affected",
"version": "9.4",
"versionType": "custom"
},
{
"lessThan": "9.3.7",
"status": "affected",
"version": "9.3",
"versionType": "custom"
},
{
"lessThan": "9.2.9",
"status": "affected",
"version": "9.2",
"versionType": "custom"
}
]
},
{
"product": "Splunk Cloud Platform",
"vendor": "Splunk",
"versions": [
{
"lessThan": "10.0.2503.5",
"status": "affected",
"version": "10.0.2503",
"versionType": "custom"
},
{
"lessThan": "9.3.2411.111",
"status": "affected",
"version": "9.3.2411",
"versionType": "custom"
},
{
"lessThan": "9.3.2408.121",
"status": "affected",
"version": "9.3.2408",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Diogo Real (c0rte)"
}
],
"datePublic": "2025-11-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Splunk Enterprise versions below 10.0.1, 9.4.5, 9.3.7, 9.2.9, and Splunk Cloud Platform versions below 10.0.2503.5, 9.3.2411.111, and 9.3.2408.121, an unauthenticated attacker could craft a malicious URL using the `return_to` parameter of the Splunk Web login endpoint. When an authenticated user visits the malicious URL, it could cause an unvalidated redirect to an external malicious site. To be successful, the attacker has to trick the victim into initiating a request from their browser. The unauthenticated attacker should not be able to exploit the vulnerability at will."
}
],
"value": "In Splunk Enterprise versions below 10.0.1, 9.4.5, 9.3.7, 9.2.9, and Splunk Cloud Platform versions below 10.0.2503.5, 9.3.2411.111, and 9.3.2408.121, an unauthenticated attacker could craft a malicious URL using the `return_to` parameter of the Splunk Web login endpoint. When an authenticated user visits the malicious URL, it could cause an unvalidated redirect to an external malicious site. To be successful, the attacker has to trick the victim into initiating a request from their browser. The unauthenticated attacker should not be able to exploit the vulnerability at will."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-601",
"description": "A web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a Redirect. This simplifies phishing attacks.",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-12T17:22:56.630Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"url": "https://advisory.splunk.com/advisories/SVD-2025-1101"
}
],
"source": {
"advisory": "SVD-2025-1101"
},
"title": "Open Redirect on Web Login endpoint in Splunk Enterprise"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20378",
"datePublished": "2025-11-12T17:22:56.630Z",
"dateReserved": "2024-10-10T19:15:13.263Z",
"dateUpdated": "2025-11-12T21:04:48.103Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2022-36227 (GCVE-0-2022-36227)
Vulnerability from cvelistv5
Published
2022-11-22 00:00
Modified
2025-11-03 21:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In libarchive before 3.6.2, the software does not check for an error after calling calloc function that can return with a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference. NOTE: the discoverer cites this CWE-476 remark but third parties dispute the code-execution impact: "In rare circumstances, when NULL is equivalent to the 0x0 memory address and privileged code can access it, then writing or reading memory is possible, which may lead to code execution."
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T21:46:29.036Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/libarchive/libarchive/issues/1754"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugs.gentoo.org/882521"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/libarchive/libarchive/blob/v3.0.0a/libarchive/archive_write.c#L215"
},
{
"name": "FEDORA-2022-e15be0091f",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V67OO2UUQAUJS3IK4JZPF6F3LUCBU6IS/"
},
{
"name": "[debian-lts-announce] 20230130 [SECURITY] [DLA 3294-1] libarchive security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00034.html"
},
{
"name": "GLSA-202309-14",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202309-14"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/11/msg00007.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In libarchive before 3.6.2, the software does not check for an error after calling calloc function that can return with a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference. NOTE: the discoverer cites this CWE-476 remark but third parties dispute the code-execution impact: \"In rare circumstances, when NULL is equivalent to the 0x0 memory address and privileged code can access it, then writing or reading memory is possible, which may lead to code execution.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-29T16:06:28.926Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/libarchive/libarchive/issues/1754"
},
{
"url": "https://bugs.gentoo.org/882521"
},
{
"url": "https://github.com/libarchive/libarchive/blob/v3.0.0a/libarchive/archive_write.c#L215"
},
{
"name": "FEDORA-2022-e15be0091f",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V67OO2UUQAUJS3IK4JZPF6F3LUCBU6IS/"
},
{
"name": "[debian-lts-announce] 20230130 [SECURITY] [DLA 3294-1] libarchive security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00034.html"
},
{
"name": "GLSA-202309-14",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202309-14"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-36227",
"datePublished": "2022-11-22T00:00:00.000Z",
"dateReserved": "2022-07-18T00:00:00.000Z",
"dateUpdated": "2025-11-03T21:46:29.036Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2021-36976 (GCVE-0-2021-36976)
Vulnerability from cvelistv5
Published
2021-07-20 06:49
Modified
2025-11-03 21:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
libarchive 3.4.1 through 3.5.1 has a use-after-free in copy_string (called from do_uncompress_block and process_block).
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T21:45:04.640Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libarchive/OSV-2021-557.yaml"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32375"
},
{
"name": "FEDORA-2022-9bb794c5f5",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SE5NJQNM22ZE5Z55LPAGCUHSBQZBKMKC/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT213183"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT213182"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT213193"
},
{
"name": "20220314 APPLE-SA-2022-03-14-2 watchOS 8.5",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2022/Mar/28"
},
{
"name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2022/Mar/29"
},
{
"name": "20220314 APPLE-SA-2022-03-14-1 iOS 15.4 and iPadOS 15.4",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2022/Mar/27"
},
{
"name": "GLSA-202208-26",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202208-26"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/11/msg00007.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "libarchive 3.4.1 through 3.5.1 has a use-after-free in copy_string (called from do_uncompress_block and process_block)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-14T19:07:49.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libarchive/OSV-2021-557.yaml"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32375"
},
{
"name": "FEDORA-2022-9bb794c5f5",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SE5NJQNM22ZE5Z55LPAGCUHSBQZBKMKC/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT213183"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT213182"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT213193"
},
{
"name": "20220314 APPLE-SA-2022-03-14-2 watchOS 8.5",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2022/Mar/28"
},
{
"name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2022/Mar/29"
},
{
"name": "20220314 APPLE-SA-2022-03-14-1 iOS 15.4 and iPadOS 15.4",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2022/Mar/27"
},
{
"name": "GLSA-202208-26",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202208-26"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-36976",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "libarchive 3.4.1 through 3.5.1 has a use-after-free in copy_string (called from do_uncompress_block and process_block)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libarchive/OSV-2021-557.yaml",
"refsource": "MISC",
"url": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libarchive/OSV-2021-557.yaml"
},
{
"name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32375",
"refsource": "MISC",
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32375"
},
{
"name": "FEDORA-2022-9bb794c5f5",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SE5NJQNM22ZE5Z55LPAGCUHSBQZBKMKC/"
},
{
"name": "https://support.apple.com/kb/HT213183",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT213183"
},
{
"name": "https://support.apple.com/kb/HT213182",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT213182"
},
{
"name": "https://support.apple.com/kb/HT213193",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT213193"
},
{
"name": "20220314 APPLE-SA-2022-03-14-2 watchOS 8.5",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2022/Mar/28"
},
{
"name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2022/Mar/29"
},
{
"name": "20220314 APPLE-SA-2022-03-14-1 iOS 15.4 and iPadOS 15.4",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2022/Mar/27"
},
{
"name": "GLSA-202208-26",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202208-26"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-36976",
"datePublished": "2021-07-20T06:49:15.000Z",
"dateReserved": "2021-07-20T00:00:00.000Z",
"dateUpdated": "2025-11-03T21:45:04.640Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2014-0160 (GCVE-0-2014-0160)
Vulnerability from cvelistv5
Published
2014-04-07 00:00
Modified
2025-10-22 00:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:05:39.056Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html?sr=36517217"
},
{
"name": "1030077",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030077"
},
{
"name": "20140408 heartbleed OpenSSL bug CVE-2014-0160",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/Apr/90"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.getchef.com/blog/2014/04/09/chef-server-heartbleed-cve-2014-0160-releases/"
},
{
"name": "DSA-2896",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-2896"
},
{
"name": "HPSBGN03008",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139774054614965\u0026w=2"
},
{
"name": "HPSBMU03024",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139889113431619\u0026w=2"
},
{
"name": "RHSA-2014:0396",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0396.html"
},
{
"name": "HPSBHF03021",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139835815211508\u0026w=2"
},
{
"name": "HPSBHF03136",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141287864628122\u0026w=2"
},
{
"name": "VU#720951",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/720951"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.splunk.com/view/SP-CAAAMB3"
},
{
"name": "HPSBMU03033",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139905295427946\u0026w=2"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf"
},
{
"name": "HPSBGN03011",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139833395230364\u0026w=2"
},
{
"tags": [
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21670161"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
},
{
"name": "openSUSE-SU-2014:0492",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00004.html"
},
{
"name": "SSRT101846",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2"
},
{
"name": "20140409 Re: heartbleed OpenSSL bug CVE-2014-0160",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/Apr/109"
},
{
"name": "HPSBMU03037",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140724451518351\u0026w=2"
},
{
"name": "1030080",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030080"
},
{
"name": "57836",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "http://secunia.com/advisories/57836"
},
{
"tags": [
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001843"
},
{
"name": "HPSBMU03012",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139808058921905\u0026w=2"
},
{
"name": "HPSBST03001",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139758572430452\u0026w=2"
},
{
"name": "66690",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/66690"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.innominate.com/data/downloads/manuals/mdm_1.5.2.1_Release_Notes.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://filezilla-project.org/versions.php?type=server"
},
{
"name": "HPSBMU03023",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139843768401936\u0026w=2"
},
{
"name": "57483",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "http://secunia.com/advisories/57483"
},
{
"name": "20140409 OpenSSL Heartbeat Extension Vulnerability in Multiple Cisco Products",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.kerio.com/support/kerio-control/release-history"
},
{
"tags": [
"x_transferred"
],
"url": "http://advisories.mageia.org/MGASA-2014-0165.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.blackberry.com/btsc/KB35882"
},
{
"name": "HPSBHF03293",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2"
},
{
"name": "HPSBMU03044",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140075368411126\u0026w=2"
},
{
"name": "HPSBMU03030",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139905351928096\u0026w=2"
},
{
"name": "1030081",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030081"
},
{
"name": "FEDORA-2014-4879",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131221.html"
},
{
"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
},
{
"name": "FEDORA-2014-4910",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131291.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1084875"
},
{
"name": "FEDORA-2014-9308",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001841"
},
{
"name": "HPSBMU03013",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139824993005633\u0026w=2"
},
{
"name": "1030079",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030079"
},
{
"name": "RHSA-2014:0377",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0377.html"
},
{
"name": "HPSBMU02995",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139722163017074\u0026w=2"
},
{
"name": "HPSBPI03031",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139889295732144\u0026w=2"
},
{
"tags": [
"x_transferred"
],
"url": "https://code.google.com/p/mod-spdy/issues/detail?id=85"
},
{
"name": "HPSBMU02999",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139765756720506\u0026w=2"
},
{
"name": "HPSBGN03010",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139774703817488\u0026w=2"
},
{
"name": "HPSBMU03029",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139905202427693\u0026w=2"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.getchef.com/blog/2014/04/09/chef-server-11-0-12-release/"
},
{
"tags": [
"x_transferred"
],
"url": "http://heartbleed.com/"
},
{
"name": "HPSBMU03018",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139817782017443\u0026w=2"
},
{
"tags": [
"x_transferred"
],
"url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-119-01"
},
{
"name": "HPSBMU03040",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140015787404650\u0026w=2"
},
{
"tags": [
"x_transferred"
],
"url": "http://cogentdatahub.com/ReleaseNotes.html"
},
{
"name": "HPSBMU03025",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139869720529462\u0026w=2"
},
{
"name": "HPSBST03016",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139842151128341\u0026w=2"
},
{
"name": "HPSBMU03028",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139905243827825\u0026w=2"
},
{
"name": "HPSBMU03009",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139905458328378\u0026w=2"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.f-secure.com/en/web/labs_global/fsc-2014-1"
},
{
"name": "TA14-098A",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "http://www.us-cert.gov/ncas/alerts/TA14-098A"
},
{
"name": "57347",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "http://secunia.com/advisories/57347"
},
{
"name": "[syslog-ng-announce] 20140411 syslog-ng Premium Edition 5 LTS (5.0.4a) has been released",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.balabit.hu/pipermail/syslog-ng-announce/2014-April/000184.html"
},
{
"name": "20140411 MRI Rubies may contain statically linked, vulnerable OpenSSL",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/Apr/173"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.torproject.org/blog/openssl-bug-cve-2014-0160"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/opensslheartbleedcve-2014-0160-2188454.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=96db9023b881d7cd9f379b0c154650d6c108e9a3"
},
{
"name": "HPSBST03000",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay\u0026spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04260637-4%257CdocLocale%253Den_US%257CcalledBy%253DSearch_Result\u0026javax.portlet.begCacheTok=com.vignette.cachetoken\u0026javax.portlet.endCacheTok=com.vignette.cachetoken"
},
{
"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/Dec/23"
},
{
"name": "HPSBST03004",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139905653828999\u0026w=2"
},
{
"name": "USN-2165-1",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2165-1"
},
{
"name": "RHSA-2014:0378",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0378.html"
},
{
"name": "HPSBMU02997",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139757919027752\u0026w=2"
},
{
"name": "SUSE-SA:2014:002",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00005.html"
},
{
"name": "32764",
"tags": [
"exploit",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/32764"
},
{
"name": "HPSBMU02994",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139757726426985\u0026w=2"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160512_00"
},
{
"name": "HPSBMU03022",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139869891830365\u0026w=2"
},
{
"name": "HPSBST03027",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139905868529690\u0026w=2"
},
{
"name": "HPSBMU03019",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139817685517037\u0026w=2"
},
{
"name": "HPSBMU03062",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140752315422991\u0026w=2"
},
{
"name": "20140408 Re: heartbleed OpenSSL bug CVE-2014-0160",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/Apr/91"
},
{
"name": "1030078",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030078"
},
{
"name": "59243",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "http://secunia.com/advisories/59243"
},
{
"tags": [
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004661"
},
{
"name": "HPSBMU03020",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139836085512508\u0026w=2"
},
{
"name": "HPSBST03015",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139824923705461\u0026w=2"
},
{
"name": "RHSA-2014:0376",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0376.html"
},
{
"name": "HPSBPI03014",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139835844111589\u0026w=2"
},
{
"name": "MDVSA-2015:062",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cert.fi/en/reports/2014/vulnerability788210.html"
},
{
"name": "57721",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "http://secunia.com/advisories/57721"
},
{
"name": "57968",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "http://secunia.com/advisories/57968"
},
{
"tags": [
"x_transferred"
],
"url": "http://blog.fox-it.com/2014/04/08/openssl-heartbleed-bug-live-blog/"
},
{
"tags": [
"x_transferred"
],
"url": "http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=3"
},
{
"name": "openSUSE-SU-2014:0560",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-04/msg00061.html"
},
{
"name": "HPSBMU03032",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139905405728262\u0026w=2"
},
{
"name": "1030082",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030082"
},
{
"name": "HPSBMU02998",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139757819327350\u0026w=2"
},
{
"name": "32745",
"tags": [
"exploit",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/32745"
},
{
"name": "20140412 Re: heartbleed OpenSSL bug CVE-2014-0160",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/Apr/190"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.getchef.com/blog/2014/04/09/enterprise-chef-11-1-3-release/"
},
{
"name": "HPSBMU03017",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139817727317190\u0026w=2"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-17-0008"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openssl.org/news/secadv_20140407.txt"
},
{
"tags": [
"x_transferred"
],
"url": "https://gist.github.com/chapmajs/10473815"
},
{
"tags": [
"x_transferred"
],
"url": "http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=1"
},
{
"name": "1030074",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030074"
},
{
"tags": [
"x_transferred"
],
"url": "http://support.citrix.com/article/CTX140605"
},
{
"name": "59139",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "http://secunia.com/advisories/59139"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.getchef.com/blog/2014/04/09/enterprise-chef-1-4-9-release/"
},
{
"name": "57966",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "http://secunia.com/advisories/57966"
},
{
"name": "1030026",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030026"
},
{
"name": "59347",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "http://secunia.com/advisories/59347"
},
{
"name": "[tomcat-dev] 20190319 svn commit: r1855831 [26/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190325 svn commit: r1856174 [26/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E"
},
{
"tags": [
"x_transferred"
],
"url": "https://sku11army.blogspot.com/2020/01/heartbleed-hearts-continue-to-bleed.html"
},
{
"name": "[tomcat-dev] 20200203 svn commit: r1873527 [26/30] - /tomcat/site/trunk/docs/",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-635659.pdf"
},
{
"name": "[tomcat-dev] 20200213 svn commit: r1873980 [31/34] - /tomcat/site/trunk/docs/",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E"
},
{
"tags": [
"x_transferred"
],
"url": "https://yunus-shn.medium.com/ricon-industrial-cellular-router-heartbleed-attack-2634221c02bd"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2014-0160",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-07T13:32:34.600181Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2022-05-04",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2014-0160"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-22T00:05:38.217Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2014-0160"
}
],
"timeline": [
{
"lang": "en",
"time": "2022-05-04T00:00:00+00:00",
"value": "CVE-2014-0160 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-04-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-15T00:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"url": "https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html?sr=36517217"
},
{
"name": "1030077",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1030077"
},
{
"name": "20140408 heartbleed OpenSSL bug CVE-2014-0160",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2014/Apr/90"
},
{
"url": "http://www.getchef.com/blog/2014/04/09/chef-server-heartbleed-cve-2014-0160-releases/"
},
{
"name": "DSA-2896",
"tags": [
"vendor-advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2896"
},
{
"name": "HPSBGN03008",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139774054614965\u0026w=2"
},
{
"name": "HPSBMU03024",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139889113431619\u0026w=2"
},
{
"name": "RHSA-2014:0396",
"tags": [
"vendor-advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0396.html"
},
{
"name": "HPSBHF03021",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139835815211508\u0026w=2"
},
{
"name": "HPSBHF03136",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141287864628122\u0026w=2"
},
{
"name": "VU#720951",
"tags": [
"third-party-advisory"
],
"url": "http://www.kb.cert.org/vuls/id/720951"
},
{
"url": "http://www.splunk.com/view/SP-CAAAMB3"
},
{
"name": "HPSBMU03033",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139905295427946\u0026w=2"
},
{
"url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0"
},
{
"url": "http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf"
},
{
"name": "HPSBGN03011",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139833395230364\u0026w=2"
},
{
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21670161"
},
{
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
},
{
"name": "openSUSE-SU-2014:0492",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00004.html"
},
{
"name": "SSRT101846",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2"
},
{
"name": "20140409 Re: heartbleed OpenSSL bug CVE-2014-0160",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2014/Apr/109"
},
{
"name": "HPSBMU03037",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140724451518351\u0026w=2"
},
{
"name": "1030080",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1030080"
},
{
"name": "57836",
"tags": [
"third-party-advisory"
],
"url": "http://secunia.com/advisories/57836"
},
{
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001843"
},
{
"name": "HPSBMU03012",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139808058921905\u0026w=2"
},
{
"name": "HPSBST03001",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139758572430452\u0026w=2"
},
{
"name": "66690",
"tags": [
"vdb-entry"
],
"url": "http://www.securityfocus.com/bid/66690"
},
{
"url": "http://www.innominate.com/data/downloads/manuals/mdm_1.5.2.1_Release_Notes.pdf"
},
{
"url": "https://filezilla-project.org/versions.php?type=server"
},
{
"name": "HPSBMU03023",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139843768401936\u0026w=2"
},
{
"name": "57483",
"tags": [
"third-party-advisory"
],
"url": "http://secunia.com/advisories/57483"
},
{
"name": "20140409 OpenSSL Heartbeat Extension Vulnerability in Multiple Cisco Products",
"tags": [
"vendor-advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed"
},
{
"url": "http://www.kerio.com/support/kerio-control/release-history"
},
{
"url": "http://advisories.mageia.org/MGASA-2014-0165.html"
},
{
"url": "http://www.blackberry.com/btsc/KB35882"
},
{
"name": "HPSBHF03293",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2"
},
{
"name": "HPSBMU03044",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140075368411126\u0026w=2"
},
{
"name": "HPSBMU03030",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139905351928096\u0026w=2"
},
{
"name": "1030081",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1030081"
},
{
"name": "FEDORA-2014-4879",
"tags": [
"vendor-advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131221.html"
},
{
"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"tags": [
"mailing-list"
],
"url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
},
{
"name": "FEDORA-2014-4910",
"tags": [
"vendor-advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131291.html"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1084875"
},
{
"name": "FEDORA-2014-9308",
"tags": [
"vendor-advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html"
},
{
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001841"
},
{
"name": "HPSBMU03013",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139824993005633\u0026w=2"
},
{
"name": "1030079",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1030079"
},
{
"name": "RHSA-2014:0377",
"tags": [
"vendor-advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0377.html"
},
{
"name": "HPSBMU02995",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139722163017074\u0026w=2"
},
{
"name": "HPSBPI03031",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139889295732144\u0026w=2"
},
{
"url": "https://code.google.com/p/mod-spdy/issues/detail?id=85"
},
{
"name": "HPSBMU02999",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139765756720506\u0026w=2"
},
{
"name": "HPSBGN03010",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139774703817488\u0026w=2"
},
{
"name": "HPSBMU03029",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139905202427693\u0026w=2"
},
{
"url": "http://www.getchef.com/blog/2014/04/09/chef-server-11-0-12-release/"
},
{
"url": "http://heartbleed.com/"
},
{
"name": "HPSBMU03018",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139817782017443\u0026w=2"
},
{
"url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-119-01"
},
{
"name": "HPSBMU03040",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140015787404650\u0026w=2"
},
{
"url": "http://cogentdatahub.com/ReleaseNotes.html"
},
{
"name": "HPSBMU03025",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139869720529462\u0026w=2"
},
{
"name": "HPSBST03016",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139842151128341\u0026w=2"
},
{
"name": "HPSBMU03028",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139905243827825\u0026w=2"
},
{
"name": "HPSBMU03009",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139905458328378\u0026w=2"
},
{
"url": "http://www.f-secure.com/en/web/labs_global/fsc-2014-1"
},
{
"name": "TA14-098A",
"tags": [
"third-party-advisory"
],
"url": "http://www.us-cert.gov/ncas/alerts/TA14-098A"
},
{
"name": "57347",
"tags": [
"third-party-advisory"
],
"url": "http://secunia.com/advisories/57347"
},
{
"name": "[syslog-ng-announce] 20140411 syslog-ng Premium Edition 5 LTS (5.0.4a) has been released",
"tags": [
"mailing-list"
],
"url": "https://lists.balabit.hu/pipermail/syslog-ng-announce/2014-April/000184.html"
},
{
"name": "20140411 MRI Rubies may contain statically linked, vulnerable OpenSSL",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2014/Apr/173"
},
{
"url": "https://blog.torproject.org/blog/openssl-bug-cve-2014-0160"
},
{
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
},
{
"url": "http://www.oracle.com/technetwork/topics/security/opensslheartbleedcve-2014-0160-2188454.html"
},
{
"url": "https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html"
},
{
"url": "http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=96db9023b881d7cd9f379b0c154650d6c108e9a3"
},
{
"name": "HPSBST03000",
"tags": [
"vendor-advisory"
],
"url": "https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay\u0026spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04260637-4%257CdocLocale%253Den_US%257CcalledBy%253DSearch_Result\u0026javax.portlet.begCacheTok=com.vignette.cachetoken\u0026javax.portlet.endCacheTok=com.vignette.cachetoken"
},
{
"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2014/Dec/23"
},
{
"name": "HPSBST03004",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139905653828999\u0026w=2"
},
{
"name": "USN-2165-1",
"tags": [
"vendor-advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2165-1"
},
{
"name": "RHSA-2014:0378",
"tags": [
"vendor-advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0378.html"
},
{
"name": "HPSBMU02997",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139757919027752\u0026w=2"
},
{
"name": "SUSE-SA:2014:002",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00005.html"
},
{
"name": "32764",
"tags": [
"exploit"
],
"url": "http://www.exploit-db.com/exploits/32764"
},
{
"name": "HPSBMU02994",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139757726426985\u0026w=2"
},
{
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160512_00"
},
{
"name": "HPSBMU03022",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139869891830365\u0026w=2"
},
{
"name": "HPSBST03027",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139905868529690\u0026w=2"
},
{
"name": "HPSBMU03019",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139817685517037\u0026w=2"
},
{
"name": "HPSBMU03062",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140752315422991\u0026w=2"
},
{
"name": "20140408 Re: heartbleed OpenSSL bug CVE-2014-0160",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2014/Apr/91"
},
{
"name": "1030078",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1030078"
},
{
"name": "59243",
"tags": [
"third-party-advisory"
],
"url": "http://secunia.com/advisories/59243"
},
{
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004661"
},
{
"name": "HPSBMU03020",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139836085512508\u0026w=2"
},
{
"name": "HPSBST03015",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139824923705461\u0026w=2"
},
{
"name": "RHSA-2014:0376",
"tags": [
"vendor-advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0376.html"
},
{
"name": "HPSBPI03014",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139835844111589\u0026w=2"
},
{
"name": "MDVSA-2015:062",
"tags": [
"vendor-advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062"
},
{
"url": "https://www.cert.fi/en/reports/2014/vulnerability788210.html"
},
{
"name": "57721",
"tags": [
"third-party-advisory"
],
"url": "http://secunia.com/advisories/57721"
},
{
"name": "57968",
"tags": [
"third-party-advisory"
],
"url": "http://secunia.com/advisories/57968"
},
{
"url": "http://blog.fox-it.com/2014/04/08/openssl-heartbleed-bug-live-blog/"
},
{
"url": "http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=3"
},
{
"name": "openSUSE-SU-2014:0560",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-04/msg00061.html"
},
{
"name": "HPSBMU03032",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139905405728262\u0026w=2"
},
{
"name": "1030082",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1030082"
},
{
"name": "HPSBMU02998",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139757819327350\u0026w=2"
},
{
"name": "32745",
"tags": [
"exploit"
],
"url": "http://www.exploit-db.com/exploits/32745"
},
{
"name": "20140412 Re: heartbleed OpenSSL bug CVE-2014-0160",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2014/Apr/190"
},
{
"url": "http://www.getchef.com/blog/2014/04/09/enterprise-chef-11-1-3-release/"
},
{
"name": "HPSBMU03017",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139817727317190\u0026w=2"
},
{
"url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-17-0008"
},
{
"url": "http://www.openssl.org/news/secadv_20140407.txt"
},
{
"url": "https://gist.github.com/chapmajs/10473815"
},
{
"url": "http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=1"
},
{
"name": "1030074",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1030074"
},
{
"url": "http://support.citrix.com/article/CTX140605"
},
{
"name": "59139",
"tags": [
"third-party-advisory"
],
"url": "http://secunia.com/advisories/59139"
},
{
"url": "http://www.getchef.com/blog/2014/04/09/enterprise-chef-1-4-9-release/"
},
{
"name": "57966",
"tags": [
"third-party-advisory"
],
"url": "http://secunia.com/advisories/57966"
},
{
"name": "1030026",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1030026"
},
{
"name": "59347",
"tags": [
"third-party-advisory"
],
"url": "http://secunia.com/advisories/59347"
},
{
"name": "[tomcat-dev] 20190319 svn commit: r1855831 [26/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190325 svn commit: r1856174 [26/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E"
},
{
"url": "https://sku11army.blogspot.com/2020/01/heartbleed-hearts-continue-to-bleed.html"
},
{
"name": "[tomcat-dev] 20200203 svn commit: r1873527 [26/30] - /tomcat/site/trunk/docs/",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-635659.pdf"
},
{
"name": "[tomcat-dev] 20200213 svn commit: r1873980 [31/34] - /tomcat/site/trunk/docs/",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E"
},
{
"url": "https://yunus-shn.medium.com/ricon-industrial-cellular-router-heartbleed-attack-2634221c02bd"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2014-0160",
"datePublished": "2014-04-07T00:00:00.000Z",
"dateReserved": "2013-12-03T00:00:00.000Z",
"dateUpdated": "2025-10-22T00:05:38.217Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}