|
Splunk Vulnerabilities
|
Splunk
|
Credential Access
Discovery
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Stealth
|
Splunk Enterprise, Splunk Cloud, Splunk Enterprise Security
|
2026-05-14
|
|
React2Shell
|
Cisco Secure Firewall Threat Defense Intrusion Event, CrowdStrike ProcessRollup2, Sysmon EventID 1, Sysmon for Linux EventID 1
|
Execution
Initial Access
|
Splunk Enterprise, Splunk Cloud, Splunk Enterprise Security
|
2026-05-13
|
|
Text4Shell CVE-2022-42889
|
Nginx Access
|
Initial Access
Persistence
|
Splunk Enterprise, Splunk Cloud, Splunk Enterprise Security
|
2026-05-13
|
|
Spring4Shell CVE-2022-22965
|
Nginx Access, Splunk Stream HTTP, Sysmon EventID 1, Sysmon for Linux EventID 11, Sysmon for Linux EventID 1
|
Initial Access
Persistence
|
Splunk Enterprise, Splunk Cloud, Splunk Enterprise Security
|
2026-05-13
|
|
Log4Shell CVE-2021-44228
|
Cisco Secure Access Firewall, Cisco Secure Firewall Threat Defense Connection Event, CrowdStrike ProcessRollup2, Nginx Access, Palo Alto Network Traffic, Splunk Stream HTTP, Sysmon EventID 1, Sysmon EventID 3, Sysmon for Linux EventID 1, Windows Event Log Security 4688
|
Command and Control
Execution
Initial Access
Persistence
|
Splunk Enterprise, Splunk Cloud, Splunk Enterprise Security
|
2026-05-13
|
|
Atlassian Confluence Server and Data Center CVE-2022-26134
|
Palo Alto Network Threat, Sysmon for Linux EventID 11, Sysmon for Linux EventID 1
|
Initial Access
Persistence
|
Splunk Enterprise, Splunk Cloud, Splunk Enterprise Security
|
2026-05-13
|
|
ESXi Post Compromise
|
CrowdStrike ProcessRollup2, Sysmon EventID 1, VMWare ESXi Syslog, Windows Event Log Security 4688
|
Collection
Credential Access
Defense Impairment
Discovery
Execution
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Stealth
|
Splunk Enterprise, Splunk Cloud, Splunk Enterprise Security
|
2026-05-13
|
