{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Enterprise Security versions ant\u00e9rieures \u00e0 8.1.0","product":{"name":"Enterprise Security","vendor":{"name":"Splunk","scada":false}}},{"description":"User Behavior Analytics (UBA) versions ant\u00e9rieures \u00e0 5.4.3","product":{"name":"Splunk User Behavior Analytics (UBA)","vendor":{"name":"Splunk","scada":false}}}],"affected_systems_content":"","content":"## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des correctifs (cf. section Documentation).","cves":[{"name":"CVE-2024-37370","url":"https://www.cve.org/CVERecord?id=CVE-2024-37370"},{"name":"CVE-2024-42459","url":"https://www.cve.org/CVERecord?id=CVE-2024-42459"},{"name":"CVE-2023-38546","url":"https://www.cve.org/CVERecord?id=CVE-2023-38546"},{"name":"CVE-2023-5590","url":"https://www.cve.org/CVERecord?id=CVE-2023-5590"},{"name":"CVE-2024-49766","url":"https://www.cve.org/CVERecord?id=CVE-2024-49766"},{"name":"CVE-2024-42460","url":"https://www.cve.org/CVERecord?id=CVE-2024-42460"},{"name":"CVE-2025-27144","url":"https://www.cve.org/CVERecord?id=CVE-2025-27144"},{"name":"CVE-2024-31141","url":"https://www.cve.org/CVERecord?id=CVE-2024-31141"},{"name":"CVE-2022-33987","url":"https://www.cve.org/CVERecord?id=CVE-2022-33987"},{"name":"CVE-2024-40635","url":"https://www.cve.org/CVERecord?id=CVE-2024-40635"},{"name":"CVE-2024-48948","url":"https://www.cve.org/CVERecord?id=CVE-2024-48948"},{"name":"CVE-2025-25977","url":"https://www.cve.org/CVERecord?id=CVE-2025-25977"},{"name":"CVE-2024-6763","url":"https://www.cve.org/CVERecord?id=CVE-2024-6763"},{"name":"CVE-2024-56128","url":"https://www.cve.org/CVERecord?id=CVE-2024-56128"},{"name":"CVE-2022-42898","url":"https://www.cve.org/CVERecord?id=CVE-2022-42898"},{"name":"CVE-2024-49767","url":"https://www.cve.org/CVERecord?id=CVE-2024-49767"},{"name":"CVE-2024-26461","url":"https://www.cve.org/CVERecord?id=CVE-2024-26461"},{"name":"CVE-2024-26458","url":"https://www.cve.org/CVERecord?id=CVE-2024-26458"},{"name":"CVE-2024-12254","url":"https://www.cve.org/CVERecord?id=CVE-2024-12254"},{"name":"CVE-2025-22869","url":"https://www.cve.org/CVERecord?id=CVE-2025-22869"},{"name":"CVE-2024-42461","url":"https://www.cve.org/CVERecord?id=CVE-2024-42461"},{"name":"CVE-2025-21502","url":"https://www.cve.org/CVERecord?id=CVE-2025-21502"},{"name":"CVE-2023-38039","url":"https://www.cve.org/CVERecord?id=CVE-2023-38039"},{"name":"CVE-2024-37371","url":"https://www.cve.org/CVERecord?id=CVE-2024-37371"},{"name":"CVE-2023-38545","url":"https://www.cve.org/CVERecord?id=CVE-2023-38545"}],"links":[],"reference":"CERTFR-2025-AVI-0641","revisions":[{"description":"Version initiale","revision_date":"2025-07-31T00:00:00.000000"}],"risks":[{"description":"Non sp\u00e9cifi\u00e9 par l'\u00e9diteur"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Splunk. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l'\u00e9diteur.","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits Splunk","vendor_advisories":[{"published_at":"2025-07-30","title":"Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0715","url":"https://advisory.splunk.com/advisories/SVD-2025-0715"},{"published_at":"2025-07-30","title":"Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0713","url":"https://advisory.splunk.com/advisories/SVD-2025-0713"},{"published_at":"2025-07-30","title":"Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0714","url":"https://advisory.splunk.com/advisories/SVD-2025-0714"}]}