- Description
- In Splunk Enterprise versions below 9.4.1, 9.3.3, 9.2.5, and 9.1.8, and versions below 3.8.38 and 3.7.23 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user that does not hold the “admin“ or “power“ Splunk roles could run a search using the permissions of a higher-privileged user that could lead to disclosure of sensitive information.<br><br>The vulnerability requires the attacker to phish the victim by tricking them into initiating a request within their browser. The authenticated low-privileged user should not be able to exploit the vulnerability at will.
- Source
- psirt@cisco.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Primary
- Base score
- 7.1
- Impact score
- 5.9
- Exploitability score
- 1.2
- Vector string
- CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
- psirt@cisco.com
- CWE-532
- Hype score
- Not currently trending
🚨 CVE-2025-20231 🔴 HIGH (7.1) 🏢 Splunk - Splunk Enterprise 🏗️ 9.4 🔗 https://t.co/rC0AMopJ9z #CyberCron #VulnAlert #InfoSec https://t.co/v8ZuldvjnI
@cybercronai
28 Mar 2025
12 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical vulnerabilities in Splunk Enterprise and Cloud have been patched, addressing RCE and data leak risks (CVE-2025-20229, CVE-2025-20231). Organizations advised to check user access controls. 🛡️🔒 #Splunk #DataSecurity #USA link: https://t.co/eV3lC4exvt https://t.co/D7YyKk
@TweetThreatNews
27 Mar 2025
106 Impressions
0 Retweets
1 Like
0 Bookmarks
1 Reply
0 Quotes
Protect your systems from CVE-2025-20231, apply latest updates for enhanced security
@LeBraunneZen
27 Mar 2025
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-20229 and CVE-2025-20231 impacts Splunk #Splunk #CVE-2025-20229 #CVE-2025-20231 https://t.co/4GQfmAvjLE
@pravin_karthik
27 Mar 2025
25 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-20231 detected, apply system updates immediately
@LeBraunneZen
27 Mar 2025
12 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-20231 detected, apply system updates to prevent threats
@LeBraunneZen
27 Mar 2025
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Splunkは、2件の高深刻度脆弱性(CVE-2025-20229およびCVE-2025-20231)に対するセキュリティアップデートを公開した。 CVE-2025-20229は、Splunk EnterpriseおよびSplunk Cloud Platformに影響するリモートコード実行脆弱性。
@yousukezan
27 Mar 2025
3004 Impressions
4 Retweets
18 Likes
5 Bookmarks
0 Replies
2 Quotes
Splunk Alert: RCE (CVE-2025-20229) and Data Leak (CVE-2025-20231) Vulnerabilities Threaten Platforms Splunk has released a security advisory detailing critical vulnerabilities affecting Splunk Enterprise and Splunk Cloud Platform. https://t.co/dnN9gD5QmW
@the_yellow_fall
27 Mar 2025
734 Impressions
4 Retweets
13 Likes
3 Bookmarks
0 Replies
0 Quotes
Enhance security now: CVE-2025-20231 detected, apply latest system updates to prevent potential threats
@LeBraunneZen
27 Mar 2025
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
�� CVE-2025-20231 - Splunk Enterprise - HIGH 🚨 🗓️ Date published 2025-03-26 22:15:15 UTC #SplunkEnterprise #CyberSecurity #InfoSec #Vulnerability #TechNews https://t.co/5rSc22YT2V
@vulns_space
26 Mar 2025
17 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes