OBS-Vigilance

Title	Description	Date
Splunk Enterprise: Server-Side Request Forgery via enableSplunkWebClientNetlocopen in new window	An attacker can trigger a Server-Side Request Forgery of Splunk Enterprise, via enableSplunkWebClien	Visit link for details
Splunk Enterprise: overload via Multiple LDAP Bind Requestsopen in new window	An attacker can trigger an overload of Splunk Enterprise, via Multiple LDAP Bind Requests, in order to trigger a denial of service...	Visit link for details
Splunk Enterprise: external XML entity injection via Dashboard Label Fieldopen in new window	An attacker can transmit malicious XML data to Splunk Enterprise, via Dashboard Label Field, in order to read a file, scan sites, or trigger a denial of service...	Visit link for details
Splunk Enterprise: Cross Site Scripting via Saved Search / Job Inspectoropen in new window	An attacker can trigger a Cross Site Scripting of Splunk Enterprise, via Saved Search / Job Inspector, in order to run JavaScript code in the context of the web site...	Visit link for details
Splunk Enterprise: Cross Site Scripting via /app/search/tableopen in new window	An attacker can trigger a Cross Site Scripting of Splunk Enterprise, via /app/search/table, in order to run JavaScript code in the context of the web site...	Visit link for details
Splunk Enterprise: information disclosure via Background Job Submissionopen in new window	An attacker can bypass access restrictions to data of Splunk Enterprise, via Background Job Submission, in order to read sensitive information...	Visit link for details
Cisco Unified Communications Manager: Cross Site Scripting via Web-based Management Interfaceopen in new window	An attacker can trigger a Cross Site Scripting of Cisco Unified Communications Manager, via Web-based Management Interface, in order to run JavaScript code in the context of the web site...	Visit link for details
BIRD: denial of service via BGPopen in new window	An attacker can send malicious BGP packets to BIRD, in order to trigger a denial of service...	Visit link for details
ntpd-rs: overload via Message Stormopen in new window	An attacker can trigger an overload of ntpd-rs, via Message Storm, in order to trigger a denial of service...	Visit link for details
DNSdist: overload via DoH Exchangeopen in new window	An attacker can trigger an overload of DNSdist, via DoH Exchange, in order to trigger a denial of service...	Visit link for details

# OBS-Vigilance

OBS-Vigilance