CVE-2025-20383

Improper access control through push notifications for reports and alerts in Splunk Secure Gateway app

CVSS 4.3 MEDIUMEPSS 0.3%CWE-200

Vexday Risk Score

13Baixo

Decisão SSVC (CISA)

Track

Sem sinal de exploração → monitorar

CVSS 4.3EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

03 dez 2025Publicada no NVD

Recomendação: Monitorar — sem sinal de exploração no momento.

In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and below 3.9.10, 3.8.58, and 3.7.28 of Splunk Secure Gateway app in Splunk Cloud Platform, a low-privileged user that does not hold the "admin" or "power" Splunk roles and subscribes to mobile push notifications could receive notifications that disclose the title and description of the report or alert even if they do not have access to view the report or alert.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Produtos afetados

Splunk · Splunk Cloud Platform Splunk · Splunk Enterprise Splunk · Splunk Secure Gateway

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://advisory.splunk.com/advisories/SVD-2025-1202