Splunk version 4.3.1 addresses one vulnerability:
This disclosure updates a previous disclosure which can be found here: Splunk 4.2.1 addresses one security vulnerability. The fix for the vulnerability addresses in the above disclosure did not protect against exploitation in some cases, for example if Internet Explorer 8/9/10 was connected to an instance of Splunk Web via an internal or local domain name.
At the time of this announcement, Splunk is not aware of any cases where this vulnerability has been exploited. Splunk recommends that customers upgrade any instances of Splunk to the latest maintenance release as soon as possible.
Splunk also recommends that you apply as many components of the Splunk Hardening Standards as possible to mitigate the risk and impact of exploitation.